Debian Linux Security Advisory 5280-1 - Several issues were found in GRUB2's font handling code, which could result in crashes and potentially execution of arbitrary code. These could lead to by-pass of UEFI Secure Boot on affected systems.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5280-1                   security@debian.orghttps://www.debian.org/security/                           Steve McIntyreNovember 15, 2022                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : grub2CVE ID         : CVE-2022-2601 CVE-2022-3775Several issues were found in GRUB2's font handling code, which couldresult in crashes and potentially execution of arbitrary code. Thesecould lead to by-pass of UEFI Secure Boot on affected systems.Further, issues were found in image loading that could potentiallylead to memory overflows.For the stable distribution (bullseye), these problems have been fixed inversion 2.06-3~deb11u4.We recommend that you upgrade your grub2 packages.For the detailed security status of grub2 please refer to its securitytracker page at:https://security-tracker.debian.org/tracker/grub2Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmNz7UlfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0QAChAAgkTxbFH4Hn0B++K8FgZRI3fw9pacWN+qYOqTOLyUFPzOW3oX3VZEkXr/1jQ+pzuylet+aFZDLOyH3y5+sOpt4I5IRCn1INYP8ESXK1m+u68aEo1V5jO+la7I0L5ZlIjc7c2IJXO6ZRHnOmJxwcZ9bje4vawfa7rT8k4dlSXoICAg2P70VYnqKljZRdZv+5pNmr4120Fts2tnolI83Rvc/gfP1ru+PWo8Tf0QDihP1pELlpMUtf8Wz0hkpRGuzfVAEN16517Ssasg1rKRa+SSEKnuHXtrUOpDsVNqQwVGac+kOXMUKW08azukTLlUaWp9MZBiVIXUJnJ8dYWf3ZaO9w5rUPwE8f+urMmj5w+z+v6TuMgE8IGcNr77S7Dx142gb9Xp1nVoXqu/1Fgk/7JbErbrDUBMIHDoLmsreNrr0r/o/6BfCu/yvMY5da9VXsD69E8W1V0lJ/UOL38GXW571osReLp7CEWSQf4jxwGRlLyqBkJfVL7+rMDjHL9WPSxLKfW3/9VygQwblRt6tzfzwruToXZLr4A5QCs86ncBFviX7IZpALi56MV+QQwRXXYp9Y2dL8ZIphZ95oli6jHHqhgQlsnUZqge0JIfrsRmJrLXD1jl4RNL+UzirFbI8wO/Mz3udB9HOmt5JEizWW7JFJfY8h+U1G3+ML2drhAiSgU=yxcT-----END PGP SIGNATURE-----

Debian Security Advisory 5280-1

Red Hat Security Advisory 2022-8207-01 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Low: openjpeg2 security update  
Advisory ID:       RHSA-2022:8207-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:8207  
Issue date:        2022-11-15  
CVE Names:         CVE-2022-1122  
====================================================================  
1. Summary:

An update for openjpeg2 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Low. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 9) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

OpenJPEG is an open source library for reading and writing image files in  
JPEG2000 format.

Security Fix(es):

* openjpeg: segmentation fault in opj2_decompress due to uninitialized  
pointer (CVE-2022-1122)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2067052 - CVE-2022-1122 openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
openjpeg2-2.4.0-7.el9.src.rpm

aarch64:  
openjpeg2-2.4.0-7.el9.aarch64.rpm  
openjpeg2-debuginfo-2.4.0-7.el9.aarch64.rpm  
openjpeg2-debugsource-2.4.0-7.el9.aarch64.rpm  
openjpeg2-tools-debuginfo-2.4.0-7.el9.aarch64.rpm

ppc64le:  
openjpeg2-2.4.0-7.el9.ppc64le.rpm  
openjpeg2-debuginfo-2.4.0-7.el9.ppc64le.rpm  
openjpeg2-debugsource-2.4.0-7.el9.ppc64le.rpm  
openjpeg2-tools-debuginfo-2.4.0-7.el9.ppc64le.rpm

s390x:  
openjpeg2-2.4.0-7.el9.s390x.rpm  
openjpeg2-debuginfo-2.4.0-7.el9.s390x.rpm  
openjpeg2-debugsource-2.4.0-7.el9.s390x.rpm  
openjpeg2-tools-debuginfo-2.4.0-7.el9.s390x.rpm

x86_64:  
openjpeg2-2.4.0-7.el9.i686.rpm  
openjpeg2-2.4.0-7.el9.x86_64.rpm  
openjpeg2-debuginfo-2.4.0-7.el9.i686.rpm  
openjpeg2-debuginfo-2.4.0-7.el9.x86_64.rpm  
openjpeg2-debugsource-2.4.0-7.el9.i686.rpm  
openjpeg2-debugsource-2.4.0-7.el9.x86_64.rpm  
openjpeg2-tools-debuginfo-2.4.0-7.el9.i686.rpm  
openjpeg2-tools-debuginfo-2.4.0-7.el9.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 9):

aarch64:  
openjpeg2-debuginfo-2.4.0-7.el9.aarch64.rpm  
openjpeg2-debugsource-2.4.0-7.el9.aarch64.rpm  
openjpeg2-devel-2.4.0-7.el9.aarch64.rpm  
openjpeg2-tools-2.4.0-7.el9.aarch64.rpm  
openjpeg2-tools-debuginfo-2.4.0-7.el9.aarch64.rpm

ppc64le:  
openjpeg2-debuginfo-2.4.0-7.el9.ppc64le.rpm  
openjpeg2-debugsource-2.4.0-7.el9.ppc64le.rpm  
openjpeg2-devel-2.4.0-7.el9.ppc64le.rpm  
openjpeg2-tools-2.4.0-7.el9.ppc64le.rpm  
openjpeg2-tools-debuginfo-2.4.0-7.el9.ppc64le.rpm

s390x:  
openjpeg2-debuginfo-2.4.0-7.el9.s390x.rpm  
openjpeg2-debugsource-2.4.0-7.el9.s390x.rpm  
openjpeg2-devel-2.4.0-7.el9.s390x.rpm  
openjpeg2-tools-2.4.0-7.el9.s390x.rpm  
openjpeg2-tools-debuginfo-2.4.0-7.el9.s390x.rpm

x86_64:  
openjpeg2-debuginfo-2.4.0-7.el9.i686.rpm  
openjpeg2-debuginfo-2.4.0-7.el9.x86_64.rpm  
openjpeg2-debugsource-2.4.0-7.el9.i686.rpm  
openjpeg2-debugsource-2.4.0-7.el9.x86_64.rpm  
openjpeg2-devel-2.4.0-7.el9.i686.rpm  
openjpeg2-devel-2.4.0-7.el9.x86_64.rpm  
openjpeg2-tools-2.4.0-7.el9.i686.rpm  
openjpeg2-tools-2.4.0-7.el9.x86_64.rpm  
openjpeg2-tools-debuginfo-2.4.0-7.el9.i686.rpm  
openjpeg2-tools-debuginfo-2.4.0-7.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1122  
https://access.redhat.com/security/updates/classification/#low  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY3PhFdzjgjWX9erEAQgS1Q/9EQDOF4ZawRGe05n43/uEPJi5FJfO0gHE  
6Bf8P9zQPJG0xzs3ZeCJ2HrX8WaN/6VX+N1/Cz0lzO3IVd8biwggdZ2S7EjL8+VT  
cpM2O5EqYS7ScLGnxurEjPXd1D8kcJC6aanu1a5ztiK6tXp693XVtb9EYBRUDtRg  
dgY6qU3xdM5JDwdfXqFeZoHd2/Aaf0DVTLlGyOgSF1NF/whoC60lLPRC9xKRAT8n  
XObHjEm7HyMGrIUPaoSIbzG1pHEjHMT2HyNKXnthzaBSOUaTjtATLSyi9uMvjOpn  
LyyElibSatxRw6YV0k//cprLhvIeRIBk34KGd5uyZEC4BPaeY4I6bmtw1www1zcr  
5DSvjuJP0ZmBEfjY018ibfHbiG+DKafwiTRjxQFz1F2Gn9ug7CVoDd2xTsDF8irq  
APo8aIVQXZFtQ7szURxDUuHEuG7FhylN4NyKvwv9gbqti7hGO7rL9Tzx4eb3Azmg  
CClV4fO7DjWrkmPguyE/Y9Y9u2M/tfCKFzeIfoJ4ykb3QZoqs6eHa+0jX89Dq1AT  
1i0sEREsAcPDN/soUkZ5RnrD82xagCzFEHyukOM78g9LzWgZoU143bIFMfV9Cuz2  
J+dBXf67ygMFbc7F+n8DuEoL2tNzVjkvl9ig9ykrkkkkSnb3kTxp1Zk6QzNhmRP9  
kgngEo/g17c=wQvP  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-8207-01

Red Hat Security Advisory 2022-8291-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Issues addressed include a buffer over-read vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: rsync security and bug fix update  
Advisory ID:       RHSA-2022:8291-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:8291  
Issue date:        2022-11-15  
CVE Names:         CVE-2022-37434  
====================================================================  
1. Summary:

An update for rsync is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - noarch  
Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The rsync utility enables the users to copy and synchronize files locally  
or across a network. Synchronization with rsync is fast because rsync only  
sends the differences in files over the network instead of sending whole  
files. The rsync utility is also used as a mirroring tool.

Security Fix(es):

* zlib: heap-based buffer over-read and overflow in inflate() in inflate.c  
via a large gzip header extra field (CVE-2022-37434)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2053198 - rsync segmentation fault  
2077431 - Read-only files that have changed xattrs fail to allow xattr changes [rhel-9]  
2081296 - Enable fmf tests in centos stream  
2116639 - CVE-2022-37434 zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

noarch:  
rsync-daemon-3.2.3-18.el9.noarch.rpm

Red Hat Enterprise Linux BaseOS (v. 9):

Source:  
rsync-3.2.3-18.el9.src.rpm

aarch64:  
rsync-3.2.3-18.el9.aarch64.rpm  
rsync-debuginfo-3.2.3-18.el9.aarch64.rpm  
rsync-debugsource-3.2.3-18.el9.aarch64.rpm

ppc64le:  
rsync-3.2.3-18.el9.ppc64le.rpm  
rsync-debuginfo-3.2.3-18.el9.ppc64le.rpm  
rsync-debugsource-3.2.3-18.el9.ppc64le.rpm

s390x:  
rsync-3.2.3-18.el9.s390x.rpm  
rsync-debuginfo-3.2.3-18.el9.s390x.rpm  
rsync-debugsource-3.2.3-18.el9.s390x.rpm

x86_64:  
rsync-3.2.3-18.el9.x86_64.rpm  
rsync-debuginfo-3.2.3-18.el9.x86_64.rpm  
rsync-debugsource-3.2.3-18.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-37434  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY3Pg19zjgjWX9erEAQgpRQ/7Bj65nEV0SOIx0sJi2b1JhwxkdT89C2mS  
Xrj2gh3HU92CQpiJZuvDydU3zLbq7OABNznifdKVPsJ+Zth+N4Vrssqzuqb5ztue  
C4stYAdqzZ/quoI5Ou1VTiYBRkoU8EV2YnfXlclgYf4Zgsswr4MqlWXf9aRS90vN  
/Xz8YaI51hejuSVBjoQA97PyYs+uPQfY1s/HSS/kzZm3jyWr0Akx4BdN1XMgKbe0  
K40sip6tee9GvNHXwZ/sLZFs8q/u/7ZzQDfUM0zyYPWCVyIsWixADR8biF2NHRq0  
SeGSoyw7sycPr+S3eIQ0+VNw001n4Gvpj+sHYOzJhNrtUW6989PMM6Z+poM1xNl0  
Nib5PFqZZcOzyH9N4Hzy4OBcYOkdCUXm6c+K+GN1gPPxloq07FSFihEltlDIuufy  
eWzVRR53mjrLwOEn3GnWidgJ+znuAKxyZws8PlGctbKg/2y0PRoDJry9s9HiSWDJ  
5y//A1m/mOnkoDOU32rW5lu3XceApph8MlBVqB03qjpj8HCBHvOKiZf8AMJQ5SoH  
pDLoR4gzEk2xmei0QtlRXhWxtjgeTNUuoTJyMqxgvHoaEWabpjJxNGrd4y7vDbM/  
PsXooDGL02mBzthJZ19mZfVZjzd4lNhq7CLsXgq7MpDB9dq4tQP3EJXoUwrmeflT  
f1EaczpMC/0=Q58l  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-8291-01

Red Hat Security Advisory 2022-8250-01 - The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: grafana-pcp security update  
Advisory ID:       RHSA-2022:8250-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:8250  
Issue date:        2022-11-15  
CVE Names:         CVE-2022-1705 CVE-2022-30630 CVE-2022-30631  
                   CVE-2022-30632 CVE-2022-30635 CVE-2022-32148  
====================================================================  
1. Summary:

An update for grafana-pcp is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The Grafana plugin for Performance Co-Pilot includes datasources for  
scalable time series from pmseries and Redis, live PCP metrics and bpftrace  
scripts from pmdabpftrace, as well as several dashboards.

Security Fix(es):

* golang: net/http: improper sanitization of Transfer-Encoding header  
(CVE-2022-1705)

* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)

* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)

* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)

* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)

* golang: net/http/httputil: NewSingleHostReverseProxy - omit  
X-Forwarded-For not working (CVE-2022-32148)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read  
2107371 - CVE-2022-30630 golang: io/fs: stack exhaustion in Glob  
2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header  
2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working  
2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob  
2107388 - CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
grafana-pcp-3.2.0-3.el9.src.rpm

aarch64:  
grafana-pcp-3.2.0-3.el9.aarch64.rpm  
grafana-pcp-debuginfo-3.2.0-3.el9.aarch64.rpm

ppc64le:  
grafana-pcp-3.2.0-3.el9.ppc64le.rpm  
grafana-pcp-debuginfo-3.2.0-3.el9.ppc64le.rpm

s390x:  
grafana-pcp-3.2.0-3.el9.s390x.rpm  
grafana-pcp-debuginfo-3.2.0-3.el9.s390x.rpm

x86_64:  
grafana-pcp-3.2.0-3.el9.x86_64.rpm  
grafana-pcp-debuginfo-3.2.0-3.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1705  
https://access.redhat.com/security/cve/CVE-2022-30630  
https://access.redhat.com/security/cve/CVE-2022-30631  
https://access.redhat.com/security/cve/CVE-2022-30632  
https://access.redhat.com/security/cve/CVE-2022-30635  
https://access.redhat.com/security/cve/CVE-2022-32148  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY3PhCtzjgjWX9erEAQhTyA/9EsqUnLA8IJYSoNbATHuTMhjUic22R9Ft  
3EDlu0a+wIRqt3K3gQFe6VLPECalVCiRjG3cvq/asbvaeVlvkVMJZPDt4OMTzoDp  
gVQVPN2s9rndC5p7la/VpWy/weD/E1bOLXG9XfCXP8xr2Mf8iWuOYTLcmqI61+ov  
CnDzqjVCCgxNLm1iiyE3/GyExnnqfP80a160J5B3PgW9dMotsiIYSVyXPbodawz0  
GXY7mnDvkqlzTDbuVLO94ZXxeq9oxrIYguFynE3Pgtj2VNfq395zcvb8mhvLaS45  
L5EXoy6q8RsG1FW7nToJnHVuLJ6Yiogy5vyCm/l2Ty8kGQYk1LaLNkJGccFul5to  
lWCRDsdN6+ixEZODkOHtXogEV9Yc/j7AMJMGDHILyA+hLsFokVGlXevDv5ODrsIi  
Vw23lsjKlUIwdeYyjqYwuX9/dQcah1DwtaRIAjgFhgRcc1zZRv3Bp+ffgA+FYTOZ  
tWIlqDQ3SfziiisQwPlR0l/1/G13Ty0rmSi2NJ9xdrIScl/ur1Eoj3VX2xC7E9Xl  
PT7hnsAta+iEVPtYNXLu5aKs9FrrbYAf5BRpMgmtQ/wglsOJuxtUq4y3aMc7NY4M  
2mII8VQqln24SIuqBiydt/S6MSgdUkBB/FxXwrpPBprjhlta5ydB5JXiysvvRWpq  
2Y4NKM59pYM=+Zub  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-8250-01

Red Hat Security Advisory 2022-8393-01 - The logrotate utility simplifies the administration of multiple log files by allowing their automatic rotation, compression, removal, and mailing. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: logrotate security update  
Advisory ID:       RHSA-2022:8393-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:8393  
Issue date:        2022-11-15  
CVE Names:         CVE-2022-1348  
====================================================================  
1. Summary:

An update for logrotate is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The logrotate utility simplifies the administration of multiple log files  
by allowing their automatic rotation, compression, removal, and mailing.

Security Fix(es):

* logrotate: potential DoS from unprivileged users via the state file  
(CVE-2022-1348)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2075074 - CVE-2022-1348 logrotate: potential DoS from unprivileged users via the state file

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 9):

Source:  
logrotate-3.18.0-7.el9.src.rpm

aarch64:  
logrotate-3.18.0-7.el9.aarch64.rpm  
logrotate-debuginfo-3.18.0-7.el9.aarch64.rpm  
logrotate-debugsource-3.18.0-7.el9.aarch64.rpm

ppc64le:  
logrotate-3.18.0-7.el9.ppc64le.rpm  
logrotate-debuginfo-3.18.0-7.el9.ppc64le.rpm  
logrotate-debugsource-3.18.0-7.el9.ppc64le.rpm

s390x:  
logrotate-3.18.0-7.el9.s390x.rpm  
logrotate-debuginfo-3.18.0-7.el9.s390x.rpm  
logrotate-debugsource-3.18.0-7.el9.s390x.rpm

x86_64:  
logrotate-3.18.0-7.el9.x86_64.rpm  
logrotate-debuginfo-3.18.0-7.el9.x86_64.rpm  
logrotate-debugsource-3.18.0-7.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1348  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY3PgwtzjgjWX9erEAQgPmg//XDihBmjNzDGuBNxDN3mZYrK3THeevs/u  
ii9c+qJK83fFK+dagldHlyZOtR12qWRtBjrw91E9I5zIVTgzkcFv8hu/8v8p9Ocr  
WlHTRzE2Kblai9pXRr49km3GL9thG7KTYNDT/BwV09jqYqVJsrly1AHf96rvHIUp  
uyL3Be+PMO6Q18KwvpBd3m3BaaJOhhi8NHZHIF/FhIqdPfLnxRMSJP7dOAnycZAH  
6wNV8XqtHt332/PQoZSUmg9Y1NmcCeQlbIVgCn6z4G5qP8EXTSMCr21ZoP3UuWv8  
HjGjGg+B/5AU4Wj9wzjm3R/ruITxJLQtN0tew7h9tBiVsRj0j6xaD5BZg25DbSV4  
fDPGLTyDFWPk6TJhW0SQ5/Ohc11XgiwGF7sTwMeig+1DXuWr9qFfxwYiW3zQtEpi  
Ko7C+s0Yrv35jfZMRLIz1w+3Iu35Zg93+ZHCbtbWoJZ4pKYR9H4JB9dhGuijhN/x  
4G0zgpNppzUoVkeVT3heLpBLNDck0T3sfYqEdw+CEMgLfwMmxlAas49JVGQO8Alo  
3H/dwSXUepnwYm1TiBSTZR4u9FB7280VjMN8oKsFFNX16FWhmi09X+NLnvyCRIUp  
tdN3Z1Uqr5lNlJ6QdQ+ZWCvmLHHYnBRHBFlJE/A7fqjlNJ3z3eeumulif9Py6xHu  
JfZ7LQO99Lc=8Hyc  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-8393-01

Red Hat Security Advisory 2022-8222-01 - Xwayland is an X server for running X clients under Wayland. Issues addressed include an out of bounds access vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: xorg-x11-server-Xwayland security update  
Advisory ID:       RHSA-2022:8222-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:8222  
Issue date:        2022-11-15  
CVE Names:         CVE-2022-2319 CVE-2022-2320  
====================================================================  
1. Summary:

An update for xorg-x11-server-Xwayland is now available for Red Hat  
Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

Xwayland is an X server for running X clients under Wayland.

Security Fix(es):

* xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access  
(CVE-2022-2319)

* xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo request  
handler of the Xkb extension (CVE-2022-2320)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2106671 - CVE-2022-2319 xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access  
2106683 - CVE-2022-2320 xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo request handler of the Xkb extension

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
xorg-x11-server-Xwayland-21.1.3-3.el9.src.rpm

aarch64:  
xorg-x11-server-Xwayland-21.1.3-3.el9.aarch64.rpm  
xorg-x11-server-Xwayland-debuginfo-21.1.3-3.el9.aarch64.rpm  
xorg-x11-server-Xwayland-debugsource-21.1.3-3.el9.aarch64.rpm

ppc64le:  
xorg-x11-server-Xwayland-21.1.3-3.el9.ppc64le.rpm  
xorg-x11-server-Xwayland-debuginfo-21.1.3-3.el9.ppc64le.rpm  
xorg-x11-server-Xwayland-debugsource-21.1.3-3.el9.ppc64le.rpm

s390x:  
xorg-x11-server-Xwayland-21.1.3-3.el9.s390x.rpm  
xorg-x11-server-Xwayland-debuginfo-21.1.3-3.el9.s390x.rpm  
xorg-x11-server-Xwayland-debugsource-21.1.3-3.el9.s390x.rpm

x86_64:  
xorg-x11-server-Xwayland-21.1.3-3.el9.x86_64.rpm  
xorg-x11-server-Xwayland-debuginfo-21.1.3-3.el9.x86_64.rpm  
xorg-x11-server-Xwayland-debugsource-21.1.3-3.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2319  
https://access.redhat.com/security/cve/CVE-2022-2320  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY3PhD9zjgjWX9erEAQitZw/+KlpRlLmptWTwYIz/vpOH+9HYMcD0MPRp  
t1J6oEQ35erbVIn1CAi6A+krzvEClGK0a+QT7YKM17fqzQoAEDmG0AlgvBaXiVm0  
wbCJdN+YJZE5WujeW+zoX2XiyVR1pRJWJm2NCsM38u9OX4UctXQXwee1b8MU4pq0  
uuEfXOOBZTuB8dMRew6/INJd1SiBw5Be9Py21akSmeCWFopg+d6fDGomEpQS4rtS  
3dPS1+FQde5jFm+UOt5T55D+5mTkbS6SRL3A3dAT4j7TwWBbChdvYVpOkF3co7XA  
l8m25WSH8TyK8JeHqJY1AdRuS2DGJY1OcByMdgtUDZk9E2Ea/jvn8fTHe8j8lWQZ  
d0yL6JrjIn/hU7OUqN4GoOfwbqryzH/6bcaBs8xrI/OeW7aRp+sRMc3b7L+1FY28  
3e22guV8EbU5fMEMfW1CTiMSXL0bJl/TDktUrlwiqkS3AknyTGE5BE5U8VHn9t/j  
hlm2LOZs5kQ3ouE04fPw94wbdewaqXw6tjimItq12IG6cZeFE5WsCOEWvvMmT9IE  
cThImEMfXyvTDetTsL83SQv1AfosNLsXP1K3EoGOqycOqw/1bXtm7srrcHY04zBM  
iZn0WvsMfkm3wgH+2MMp//m9GQt9KB4VbcTt5NPARWt6yphYSZwvTVvA/0iU5TXw  
sFJPfxo55X4”jz  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-8222-01

Red Hat Security Advisory 2022-8162-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include denial of service and memory leak vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: 389-ds-base security, bug fix, and enhancement update  
Advisory ID:       RHSA-2022:8162-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:8162  
Issue date:        2022-11-15  
CVE Names:         CVE-2022-0918 CVE-2022-0996 CVE-2022-2850  
====================================================================  
1. Summary:

An update for 389-ds-base is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The  
base packages include the Lightweight Directory Access Protocol (LDAP)  
server and command-line utilities for server administration.

The following packages have been upgraded to a later upstream version:  
389-ds-base (2.1.3). (BZ#2061801)

Security Fix(es):

* 389-ds-base: sending crafted message could result in DoS (CVE-2022-0918)

* 389-ds-base: SIGSEGV in sync_repl (CVE-2022-2850)

* 389-ds-base: expired password was still allowed to access the database  
(CVE-2022-0996)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the 389 server service will be restarted  
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1872451 - [RFE] 389ds: run as non-root  
2052527 - RFE - Provide an option to abort an Auto Member rebuild task.  
2055815 - CVE-2022-0918 389-ds-base: sending crafted message could result in DoS  
2057056 - Import may break the replication because changelog starting csn may not be created  
2057063 - Add support for recursively deleting subentries  
2061801 - Rebase 389-ds-base in RHEL 9.1  
2064769 - CVE-2022-0996 389-ds-base: expired password was still allowed to access the database  
2100337 - dsconf backend export userroot fails  ldap.DECODING_ERROR  
2100572 - Versions for RHDS 9.1 do not match in dirsrv logs and output from rpm -qa  
2115348 - memory leak with filter optimizer  
2118691 - CVE-2022-2850 389-ds-base: SIGSEGV in sync_repl

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
389-ds-base-2.1.3-4.el9_1.src.rpm

aarch64:  
389-ds-base-2.1.3-4.el9_1.aarch64.rpm  
389-ds-base-debuginfo-2.1.3-4.el9_1.aarch64.rpm  
389-ds-base-debugsource-2.1.3-4.el9_1.aarch64.rpm  
389-ds-base-libs-2.1.3-4.el9_1.aarch64.rpm  
389-ds-base-libs-debuginfo-2.1.3-4.el9_1.aarch64.rpm  
389-ds-base-snmp-debuginfo-2.1.3-4.el9_1.aarch64.rpm

noarch:  
python3-lib389-2.1.3-4.el9_1.noarch.rpm

ppc64le:  
389-ds-base-2.1.3-4.el9_1.ppc64le.rpm  
389-ds-base-debuginfo-2.1.3-4.el9_1.ppc64le.rpm  
389-ds-base-debugsource-2.1.3-4.el9_1.ppc64le.rpm  
389-ds-base-libs-2.1.3-4.el9_1.ppc64le.rpm  
389-ds-base-libs-debuginfo-2.1.3-4.el9_1.ppc64le.rpm  
389-ds-base-snmp-debuginfo-2.1.3-4.el9_1.ppc64le.rpm

s390x:  
389-ds-base-2.1.3-4.el9_1.s390x.rpm  
389-ds-base-debuginfo-2.1.3-4.el9_1.s390x.rpm  
389-ds-base-debugsource-2.1.3-4.el9_1.s390x.rpm  
389-ds-base-libs-2.1.3-4.el9_1.s390x.rpm  
389-ds-base-libs-debuginfo-2.1.3-4.el9_1.s390x.rpm  
389-ds-base-snmp-debuginfo-2.1.3-4.el9_1.s390x.rpm

x86_64:  
389-ds-base-2.1.3-4.el9_1.x86_64.rpm  
389-ds-base-debuginfo-2.1.3-4.el9_1.x86_64.rpm  
389-ds-base-debugsource-2.1.3-4.el9_1.x86_64.rpm  
389-ds-base-libs-2.1.3-4.el9_1.x86_64.rpm  
389-ds-base-libs-debuginfo-2.1.3-4.el9_1.x86_64.rpm  
389-ds-base-snmp-debuginfo-2.1.3-4.el9_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-0918  
https://access.redhat.com/security/cve/CVE-2022-0996  
https://access.redhat.com/security/cve/CVE-2022-2850  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY3PhHNzjgjWX9erEAQi3Lw/+Kp2fj71Eme7k3P5fYZon8pjEsHOaHuSz  
FOTmU3hGViBe60UcUoyoERl2nbodmQ0yxozY4wz6H+TMHiTq1yj3LdiUQuZmOZMS  
+BUBzSR24iyPaXbLoa1+NwSm2+QnQuD8Ch5E4YwNJNRcRIYP2yaVJdcNi7RLU0I7  
aADq56AI4QX1D+0c1tSkybVTbgEpnNzABrvaapwD1eNwsVWaFJd46CZaf9WGt3ht  
irr6PYHnyvoirvJndRsuuLgW2vJxhvI/6PQtOgM0SMyWWiIschFLlkelrjVsdQIH  
f9J3Rk5kRCN7Kd9hKDIghsitB0ilod8gxvhyio6UzB9acbXj+a55J1nEjo2oalR8  
psXHcFRemMiPTMEh/W68PdbhifTcxa85Z4H/iVtEDgpIugJ5+B0j0+hdnzm3dncT  
IHsJVSayNuUqY04gpUhVsvEmzhVFogx9APJZmz4PhIaoGByX9Oti1t9IsqNENUVn  
l0n8u4h3Az4eo4l6/PKaF3DrIVLXzuC5HXvU4NOW4VsW4aM7tfVIlDUDxr8FUhUE  
8AKp+AThKmW2vFNTP9bnUNXQSMnKRFclO99w/f2SB+PjSb4IJzpIQ/QokXRQ8I2z  
CUsrBtF1HQfwHPPV1fU2NvnLmtDEcxFX0kGgU11BaVSgoRpqrUpNPHmnQp9FpQUb  
6ZLiLQ+itcM=dmbn  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-8162-01

Red Hat Security Advisory 2022-8434-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.100 RC 2 and .NET Runtime 7.0.0 RC 2.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: dotnet7.0 security, bug fix, and enhancement update  
Advisory ID:       RHSA-2022:8434-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:8434  
Issue date:        2022-11-15  
CVE Names:         CVE-2022-41032  
====================================================================  
1. Summary:

An update for dotnet7.0 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 9) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

.NET is a managed-software framework. It implements a subset of the .NET  
framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET that address a security vulnerability are now  
available. The updated versions are .NET SDK 7.0.100 RC 2 and .NET Runtime  
7.0.0 RC 2.

The following packages have been upgraded to a later upstream version:  
dotnet7.0 (7.0.100). (BZ#2134641)

Security Fix(es):

* dotnet: Nuget cache poisoning on Linux via world-writable cache directory  
(CVE-2022-41032)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2132614 - CVE-2022-41032 dotnet: Nuget cache poisoning on Linux via world-writable cache directory  
2134641 - Update .NET 7 to RC 2 [rhel-9.1.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
dotnet7.0-7.0.100-0.5.rc2.el9_1.src.rpm

aarch64:  
aspnetcore-runtime-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
aspnetcore-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-apphost-pack-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-host-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-hostfxr-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-runtime-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-sdk-7.0-7.0.100-0.5.rc2.el9_1.aarch64.rpm  
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.aarch64.rpm  
dotnet-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-templates-7.0-7.0.100-0.5.rc2.el9_1.aarch64.rpm  
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.aarch64.rpm  
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.aarch64.rpm  
netstandard-targeting-pack-2.1-7.0.100-0.5.rc2.el9_1.aarch64.rpm

ppc64le:  
aspnetcore-runtime-7.0-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
aspnetcore-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-apphost-pack-7.0-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-host-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-hostfxr-7.0-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-runtime-7.0-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-sdk-7.0-7.0.100-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-templates-7.0-7.0.100-0.5.rc2.el9_1.ppc64le.rpm  
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.ppc64le.rpm  
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.ppc64le.rpm  
netstandard-targeting-pack-2.1-7.0.100-0.5.rc2.el9_1.ppc64le.rpm

s390x:  
aspnetcore-runtime-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm  
aspnetcore-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-apphost-pack-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-host-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-hostfxr-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-runtime-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-sdk-7.0-7.0.100-0.5.rc2.el9_1.s390x.rpm  
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.s390x.rpm  
dotnet-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-templates-7.0-7.0.100-0.5.rc2.el9_1.s390x.rpm  
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.s390x.rpm  
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.s390x.rpm  
netstandard-targeting-pack-2.1-7.0.100-0.5.rc2.el9_1.s390x.rpm

x86_64:  
aspnetcore-runtime-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
aspnetcore-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-apphost-pack-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-host-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-hostfxr-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-runtime-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-sdk-7.0-7.0.100-0.5.rc2.el9_1.x86_64.rpm  
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.x86_64.rpm  
dotnet-targeting-pack-7.0-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-templates-7.0-7.0.100-0.5.rc2.el9_1.x86_64.rpm  
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.x86_64.rpm  
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.x86_64.rpm  
netstandard-targeting-pack-2.1-7.0.100-0.5.rc2.el9_1.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 9):

aarch64:  
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.aarch64.rpm  
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.aarch64.rpm  
dotnet-sdk-7.0-source-built-artifacts-7.0.100-0.5.rc2.el9_1.aarch64.rpm  
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.aarch64.rpm  
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.aarch64.rpm

ppc64le:  
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.ppc64le.rpm  
dotnet-sdk-7.0-source-built-artifacts-7.0.100-0.5.rc2.el9_1.ppc64le.rpm  
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.ppc64le.rpm  
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.ppc64le.rpm

s390x:  
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.s390x.rpm  
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.s390x.rpm  
dotnet-sdk-7.0-source-built-artifacts-7.0.100-0.5.rc2.el9_1.s390x.rpm  
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.s390x.rpm  
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.s390x.rpm

x86_64:  
dotnet-apphost-pack-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-host-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-hostfxr-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-runtime-7.0-debuginfo-7.0.0-0.5.rc2.el9_1.x86_64.rpm  
dotnet-sdk-7.0-debuginfo-7.0.100-0.5.rc2.el9_1.x86_64.rpm  
dotnet-sdk-7.0-source-built-artifacts-7.0.100-0.5.rc2.el9_1.x86_64.rpm  
dotnet7.0-debuginfo-7.0.100-0.5.rc2.el9_1.x86_64.rpm  
dotnet7.0-debugsource-7.0.100-0.5.rc2.el9_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-41032  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY3PgudzjgjWX9erEAQiiDg//cdj0qT3ay37iZak9REN0Azfp5yzrAL3P  
7RYtgqDyQ5kVVojzzsto2zqTAQcdkqUutH5RSr4BX/j5H0/yLDPf2MweJv3zzVMf  
DUoftsjVIzCaC+ABZkKx0bsZj+m0Dtm92CP9Zq8pRSg9Np4v+EDI60+jRKDgQ+tN  
mDpDiRjseUlH9EF3DRYfDV7X/xKmBBOoUSRtjWRRAxrSTl8Hm6VD3ZPjsnyLOIar  
jXEGfzvD9uSHPeGRq7WXq+Z9hQsuGI/ioE7gmBB+z8jGM1fYI/FuEntEEVX5bngh  
7gDj0GDIp2KAhN8rsQLSamBtfAXlCSTfLj9aKfiYDawf8AVezZq5k4Gc0+wVJvD7  
xKKTXdmuRwVmUg10bpM06Q55f137m7koAcd0pnu2+fLCe2xa3M7hGUA1hyNcDQJG  
5VUar3m4tOsUNGvkjWMUlr0k1WBq0iygpNAj/fwcSf/NyxMs05GPk+vd62HeDuhk  
4mZ/XoEuvCd9nfwWFdqWrUKtF5rZJjNdaySree1hT5z2X182avaUC9BkUqM6qz9j  
ZvHMhTHQanD8PKZCTSZ5TSkArotnaU3ll+/FeIN+Aokhe0fQ68auoUBkoRyXsXtV  
1cyCXxHrAtv4WEJqfXQ/AIPVQydILJoMQgWaEUOGGnnZPOm67RAjanH9bf6Mrc4A  
XWImElHJm1o=TYQK  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-8434-01

Red Hat Security Advisory 2022-7955-01 - The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: skopeo security and bug fix update  
Advisory ID:       RHSA-2022:7955-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7955  
Issue date:        2022-11-15  
CVE Names:         CVE-2021-20291 CVE-2021-33198  
====================================================================  
1. Summary:

An update for skopeo is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The skopeo command lets you inspect images from container image registries,  
get images and image layers, and use signatures to create and verify files.

Security Fix(es):

* containers/storage: DoS via malicious image (CVE-2021-20291)

* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error  
if passed inputs with very large exponents (CVE-2021-33198)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1939485 - CVE-2021-20291 containers/storage: DoS via malicious image  
1988128 - Enable LTO build of skopeo for RHEL 9  
1989575 - CVE-2021-33198 golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
skopeo-1.9.2-1.el9.src.rpm

aarch64:  
skopeo-1.9.2-1.el9.aarch64.rpm  
skopeo-debuginfo-1.9.2-1.el9.aarch64.rpm  
skopeo-debugsource-1.9.2-1.el9.aarch64.rpm  
skopeo-tests-1.9.2-1.el9.aarch64.rpm

ppc64le:  
skopeo-1.9.2-1.el9.ppc64le.rpm  
skopeo-debuginfo-1.9.2-1.el9.ppc64le.rpm  
skopeo-debugsource-1.9.2-1.el9.ppc64le.rpm  
skopeo-tests-1.9.2-1.el9.ppc64le.rpm

s390x:  
skopeo-1.9.2-1.el9.s390x.rpm  
skopeo-debuginfo-1.9.2-1.el9.s390x.rpm  
skopeo-debugsource-1.9.2-1.el9.s390x.rpm  
skopeo-tests-1.9.2-1.el9.s390x.rpm

x86_64:  
skopeo-1.9.2-1.el9.x86_64.rpm  
skopeo-debuginfo-1.9.2-1.el9.x86_64.rpm  
skopeo-debugsource-1.9.2-1.el9.x86_64.rpm  
skopeo-tests-1.9.2-1.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-20291  
https://access.redhat.com/security/cve/CVE-2021-33198  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY3PhR9zjgjWX9erEAQgx8w/8DtFfPWF06IeoNdA9Ks2qP1ZWdPmYSR+L  
sYV7fXD2X25jesaINsMRlXFrPXG2kaKZRO+ZCa1+va2PLEgdRe19bSRPw6Q+xun2  
jq7/yo/S94ONLTXctUDRwt7uKi8BTYfj26VOQvrmzKvDKp51KwFWOGYe+7QkBlaC  
TUJpd9VNhW6SuR9cokvg+IMJ83Hm332/V8NsDx1AMx/Q0se4GMP9BKiR3CG83dv9  
gLG0t6i/R/gWCtA2mjvjXzEtmVkLu9F19vW0LtasRBO1R1fU2prud51DlRgoRgsJ  
to8uiurZx3unFqQPfZf8UFSGwLkKFzbMT/zVKfjM4HdfhRcTZy1EWaTHiJUvoe4/  
wD2X8v88qbeJ08a20KtZb/8X2I1hjbvNAHV2PMSxVt04ToU5miOHwd1Wgax/nqXL  
jPQSfTM1iiaB2Kq7/23G6JXhFcriK1/e8XKH7N02kIxAWa9LOmFJ0Z3uPuGS3YJ2  
Aa+qDDfLdq3pfIaAbpJnDPFqm0scxaIx3fGw8TcmW1ra+GrnQx+4D89wTqlht4Se  
PQU3pf93EU0BDNDctrqW0acr3guybu1qn6Juh/NMGAMS1wtz2mbdzGYEmuUA3Cd3  
x+ojiCMUxYQI31kDhAn88Xq3I1nWtm7I/sDj8kddrrNf4pMbB2Jgzqd3cJ4/s6DS  
UoStIDC36rc=tD9P  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-7955-01

Red Hat Security Advisory 2022-8062-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: unbound security, bug fix, and enhancement update  
Advisory ID:       RHSA-2022:8062-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:8062  
Issue date:        2022-11-15  
CVE Names:         CVE-2022-30698 CVE-2022-30699  
====================================================================  
1. Summary:

An update for unbound is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 9) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The unbound packages provide a validating, recursive, and caching DNS or  
DNSSEC resolver.

The following packages have been upgraded to a later upstream version:  
unbound (1.16.2). (BZ#2087120)

Security Fix(es):

* unbound: novel ghost domain attack that allows attackers to trigger  
continued resolvability of malicious domain names (CVE-2022-30698)

* unbound: novel ghost domain attack that allows attackers to trigger  
continued resolvability of malicious domain names (CVE-2022-30699)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat  
Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1981415 - unbound: don't use deprecated functions in OpenSSL 3.0  
2056116 - unbound-devel is not available on Centos 9 Stream  
2071543 - Unbound fails resolution of any SHA-1 signed domain [rhel-9.1.0]  
2071943 - failing devel man pages for rhel 9  
2079548 - [unbound: FIPS mode] does not resolve ED25519 and ED448  
2087120 - [rebase] Rebase to 1.16.0  
2094336 - unbound-keygen needs to be stoped  
2116725 - CVE-2022-30698 unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names  
2116729 - CVE-2022-30699 unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names  
2116802 - unbound-keygen requires openssl [rhel9]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
unbound-1.16.2-2.el9.src.rpm

aarch64:  
python3-unbound-1.16.2-2.el9.aarch64.rpm  
python3-unbound-debuginfo-1.16.2-2.el9.aarch64.rpm  
unbound-1.16.2-2.el9.aarch64.rpm  
unbound-debuginfo-1.16.2-2.el9.aarch64.rpm  
unbound-debugsource-1.16.2-2.el9.aarch64.rpm  
unbound-libs-1.16.2-2.el9.aarch64.rpm  
unbound-libs-debuginfo-1.16.2-2.el9.aarch64.rpm

ppc64le:  
python3-unbound-1.16.2-2.el9.ppc64le.rpm  
python3-unbound-debuginfo-1.16.2-2.el9.ppc64le.rpm  
unbound-1.16.2-2.el9.ppc64le.rpm  
unbound-debuginfo-1.16.2-2.el9.ppc64le.rpm  
unbound-debugsource-1.16.2-2.el9.ppc64le.rpm  
unbound-libs-1.16.2-2.el9.ppc64le.rpm  
unbound-libs-debuginfo-1.16.2-2.el9.ppc64le.rpm

s390x:  
python3-unbound-1.16.2-2.el9.s390x.rpm  
python3-unbound-debuginfo-1.16.2-2.el9.s390x.rpm  
unbound-1.16.2-2.el9.s390x.rpm  
unbound-debuginfo-1.16.2-2.el9.s390x.rpm  
unbound-debugsource-1.16.2-2.el9.s390x.rpm  
unbound-libs-1.16.2-2.el9.s390x.rpm  
unbound-libs-debuginfo-1.16.2-2.el9.s390x.rpm

x86_64:  
python3-unbound-1.16.2-2.el9.x86_64.rpm  
python3-unbound-debuginfo-1.16.2-2.el9.i686.rpm  
python3-unbound-debuginfo-1.16.2-2.el9.x86_64.rpm  
unbound-1.16.2-2.el9.x86_64.rpm  
unbound-debuginfo-1.16.2-2.el9.i686.rpm  
unbound-debuginfo-1.16.2-2.el9.x86_64.rpm  
unbound-debugsource-1.16.2-2.el9.i686.rpm  
unbound-debugsource-1.16.2-2.el9.x86_64.rpm  
unbound-libs-1.16.2-2.el9.i686.rpm  
unbound-libs-1.16.2-2.el9.x86_64.rpm  
unbound-libs-debuginfo-1.16.2-2.el9.i686.rpm  
unbound-libs-debuginfo-1.16.2-2.el9.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 9):

aarch64:  
python3-unbound-debuginfo-1.16.2-2.el9.aarch64.rpm  
unbound-debuginfo-1.16.2-2.el9.aarch64.rpm  
unbound-debugsource-1.16.2-2.el9.aarch64.rpm  
unbound-devel-1.16.2-2.el9.aarch64.rpm  
unbound-libs-debuginfo-1.16.2-2.el9.aarch64.rpm

ppc64le:  
python3-unbound-debuginfo-1.16.2-2.el9.ppc64le.rpm  
unbound-debuginfo-1.16.2-2.el9.ppc64le.rpm  
unbound-debugsource-1.16.2-2.el9.ppc64le.rpm  
unbound-devel-1.16.2-2.el9.ppc64le.rpm  
unbound-libs-debuginfo-1.16.2-2.el9.ppc64le.rpm

s390x:  
python3-unbound-debuginfo-1.16.2-2.el9.s390x.rpm  
unbound-debuginfo-1.16.2-2.el9.s390x.rpm  
unbound-debugsource-1.16.2-2.el9.s390x.rpm  
unbound-devel-1.16.2-2.el9.s390x.rpm  
unbound-libs-debuginfo-1.16.2-2.el9.s390x.rpm

x86_64:  
python3-unbound-debuginfo-1.16.2-2.el9.i686.rpm  
python3-unbound-debuginfo-1.16.2-2.el9.x86_64.rpm  
unbound-debuginfo-1.16.2-2.el9.i686.rpm  
unbound-debuginfo-1.16.2-2.el9.x86_64.rpm  
unbound-debugsource-1.16.2-2.el9.i686.rpm  
unbound-debugsource-1.16.2-2.el9.x86_64.rpm  
unbound-devel-1.16.2-2.el9.i686.rpm  
unbound-devel-1.16.2-2.el9.x86_64.rpm  
unbound-libs-debuginfo-1.16.2-2.el9.i686.rpm  
unbound-libs-debuginfo-1.16.2-2.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-30698  
https://access.redhat.com/security/cve/CVE-2022-30699  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY3PhMdzjgjWX9erEAQi2qg/+JsLmnjmeg2U0b5tZnC5duXL1O4iNyIwm  
V8y6hDiGaY2Iubih0SO29gLZYG3sN+dJdsspe8Vv9OqJso2Gm5J2gjgKZXxe6qZW  
GUKcMRpwG+jM5RSBv9uogsW63tD0YQfIZbFRBJy0BE9TMRFtgHveseKG+OlLKFOP  
2h/SbYILATEZA1Lw/c9KIDBOLB7wNny+Qrg46U1cU9ZH1oN9pOUGjBxH6VfkUA6S  
SItza5DGOnKGbAOVFS79Y+MSCCGjXgIyY38y8mr8PkOh00d7eZ+13JwKnDaPfnxH  
vVdo30jh9Tfs/LX0c+nn3IKyv3h9y2DtMEpxKnI927YRu4WPM9erSrxOX80KrJ+L  
ENkVeb3YdkT+OqV3wvK9JblW8iDwlGSb0jC9LaWUx5An5hUqMKRoXydkKWTnC3Cp  
4fofXWhWnqKQfRwHdx1rVhRuR/x2iG8VY7TvvRNocNb4YW4ilq+dIX0Q++iltna7  
9V1vScJm3mINkqyU4uL2AJJhoDdcPpElvwcxTiRkg7FCn7BO9gj9mxHzO3xZu3RN  
FShTo5J2XIf8a1gtMMHV8C8F7BsAgV7oTMSGlqSLgmx0BKiis/FtO5I2C6Unn/Ac  
Sal3wXzA64ZPyHHDOeRsz0FFkhAMDB6SZzbCuvkaNLaga6z7NTvNaifkXvlnbib3  
QoahqRtuado=Wd6S  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#linux