-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: mariadb:10.5 security, bug fix, and enhancement update Advisory ID: RHSA-2022:5826-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:5826 Issue date: 2022-08-02 CVE Names: CVE-2021-46659 CVE-2021-46661 CVE-2021-46663 CVE-2021-46664 CVE-2021-46665 CVE-2021-46668 CVE-2021-46669 CVE-2022-24048 CVE-2022-24050 CVE-2022-24051 CVE-2022-24052 CVE-2022-27376 CVE-2022-27377 CVE-2022-27378 CVE-2022-27379 CVE-2022-27380 CVE-2022-27381 CVE-2022-27382 CVE-2022-27383 CVE-2022-27384 CVE-2022-27386 CVE-2022-27387 CVE-2022-27444 CVE-2022-27445 CVE-2022-27446 CVE-2022-27447 CVE-2022-27448 CVE-2022-27449 CVE-2022-27451 CVE-2022-27452 CVE-2022-27455 CVE-2022-27456 CVE-2022-27457 CVE-2022-27458 CVE-2022-31622 CVE-2022-31623 ==================================================================== 1. Summary: An update for the mariadb:10.5 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: galera (26.4.11), mariadb (10.5.16). Security Fix(es): * mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used (CVE-2021-46669) * mariadb: lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer (CVE-2022-24048) * mariadb: lack of validating the existence of an object prior to performing operations on the object (CVE-2022-24050) * mariadb: lack of proper validation of a user-supplied string before using it as a format specifier (CVE-2022-24051) * mariadb: CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability (CVE-2022-24052) * mariadb: assertion failure in Item_args::walk_arg (CVE-2022-27376) * mariadb: use-after-poison when complex conversion is involved in blob (CVE-2022-27377) * mariadb: crash in create_tmp_table::finalize (CVE-2022-27378) * mariadb: crash in component arg_comparator::compare_real_fixed (CVE-2022-27379) * mariadb: crash at my_decimal::operator= (CVE-2022-27380) * mariadb: crash at Field::set_default via specially crafted SQL statements (CVE-2022-27381) * mariadb: assertion failure via component Item_field::used_tables/update_depend_map_for_order (CVE-2022-27382) * mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c (CVE-2022-27383) * mariadb: via component Item_subselect::init_expr_cache_tracker (CVE-2022-27384) * mariadb: crash in query_arena::set_query_arena upon SELECT from view (CVE-2022-27386) * mariadb: assertion failures in decimal_bin_size (CVE-2022-27387) * mariadb: crash when using HAVING with NOT EXIST predicate in an equality (CVE-2022-27444) * mariadb: assertion failure in compare_order_elements (CVE-2022-27445) * mariadb: crash when using HAVING with IS NULL predicate in an equality (CVE-2022-27446) * mariadb: use-after-poison in Binary_string::free_buffer (CVE-2022-27447) * mariadb: crash in multi-update and implicit grouping (CVE-2022-27448) * mariadb: assertion failure in sql/item_func.cc (CVE-2022-27449) * mariadb: crash via window function in expression in ORDER BY (CVE-2022-27451) * mariadb: assertion failure in sql/item_cmpfunc.cc (CVE-2022-27452) * mariadb: use-after-free when WHERE has subquery with an outer reference in HAVING (CVE-2022-27455) * mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc (CVE-2022-27456) * mariadb: incorrect key in "dup value" error after long unique (CVE-2022-27457) * mariadb: use-after-poison in Binary_string::free_buffer (CVE-2022-27458) * mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc (CVE-2022-31622) * mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc (CVE-2022-31623) * mariadb: Crash executing query with VIEW, aggregate and subquery (CVE-2021-46659) * mariadb: MariaDB allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE) (CVE-2021-46661) * mariadb: MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements (CVE-2021-46663) * mariadb: crash in sub_select_postjoin_aggr for a NULL value of aggr (CVE-2021-46664) * mariadb: crash because of incorrect used_tables expectations (CVE-2021-46665) * mariadb: crash via certain long SELECT DISTINCT statements (CVE-2021-46668) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Don't use less parallelism if not necessary (BZ#2096934) * Links in galera package description are bad (BZ#2096935) * [Tracker] Rebase to Galera 26.4.11 (BZ#2096936) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 2049302 - CVE-2021-46659 mariadb: Crash executing query with VIEW, aggregate and subquery 2050017 - CVE-2021-46661 mariadb: MariaDB allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression (CTE) 2050022 - CVE-2021-46663 mariadb: MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements 2050024 - CVE-2021-46664 mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr 2050026 - CVE-2021-46665 mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations 2050032 - CVE-2021-46668 mariadb: MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements 2050034 - CVE-2021-46669 mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used 2068211 - CVE-2022-24052 mariadb: CONNECT storage engine heap-based buffer overflow 2068233 - CVE-2022-24051 mariadb: lack of proper validation of a user-supplied string before using it as a format specifier 2068234 - CVE-2022-24048 mariadb: lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer 2069833 - CVE-2022-24050 mariadb: lack of validating the existence of an object prior to performing operations on the object 2074817 - CVE-2022-27376 mariadb: assertion failure in Item_args::walk_arg 2074947 - CVE-2022-27377 mariadb: use-after-poison when complex conversion is involved in blob 2074949 - CVE-2022-27378 mariadb: server crash in create_tmp_table::finalize 2074951 - CVE-2022-27379 mariadb: server crash in component arg_comparator::compare_real_fixed 2074966 - CVE-2022-27380 mariadb: server crash at my_decimal::operator2074981 - CVE-2022-27381 mariadb: server crash at Field::set_default via specially crafted SQL statements 2074987 - CVE-2022-27382 mariadb: assertion failure via component Item_field::used_tables/update_depend_map_for_order 2074996 - CVE-2022-27383 mariadb: use-after-poison in my_strcasecmp_8bit() of ctype-simple.c 2074999 - CVE-2022-27384 mariadb: crash via component Item_subselect::init_expr_cache_tracker 2075005 - CVE-2022-27386 mariadb: server crashes in query_arena::set_query_arena upon SELECT from view 2075006 - CVE-2022-27387 mariadb: assertion failures in decimal_bin_size 2075691 - CVE-2022-27445 mariadb: assertion failure in compare_order_elements 2075692 - CVE-2022-27446 mariadb: crash when using HAVING with IS NULL predicate in an equality 2075693 - CVE-2022-27447 mariadb: use-after-poison in Binary_string::free_buffer 2075694 - CVE-2022-27448 mariadb: crash in multi-update and implicit grouping 2075695 - CVE-2022-27449 mariadb: assertion failure in sql/item_func.cc 2075696 - CVE-2022-27444 mariadb: crash when using HAVING with NOT EXIST predicate in an equality 2075697 - CVE-2022-27456 mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc 2075699 - CVE-2022-27457 mariadb: incorrect key in "dup value" error after long unique 2075700 - CVE-2022-27458 mariadb: use-after-poison in Binary_string::free_buffer 2075701 - CVE-2022-27455 mariadb: use-after-free when WHERE has subquery with an outer reference in HAVING 2076144 - CVE-2022-27451 mariadb: crash via window function in expression in ORDER BY 2076145 - CVE-2022-27452 mariadb: assertion failure in sql/item_cmpfunc.cc 2092354 - CVE-2022-31622 mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc 2092360 - CVE-2022-31623 mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc 2095290 - DROP TABLE doesn't raise error while dropping non-existing table in MariaDB 10.5.9 when OQGraph SE is loaded to the server [rhel-8.6.0.z] 2096281 - [Tracker] Rebase to MariaDB 10.5.16 [rhel-8.6.0.z] 2096934 - Don't use less parallelism if not necessary [rhel-8.6.0.z] 2096935 - Links in galera package description are bad [rhel-8.6.0.z] 2096936 - [Tracker] Rebase to Galera 26.4.11 [rhel-8.6.0.z] 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: Judy-1.0.5-18.module+el8.4.0+9031+9abc7af9.src.rpm galera-26.4.11-1.module+el8.6.0+15639+405b7427.src.rpm mariadb-10.5.16-2.module+el8.6.0+15639+405b7427.src.rpm aarch64: Judy-1.0.5-18.module+el8.4.0+9031+9abc7af9.aarch64.rpm Judy-debuginfo-1.0.5-18.module+el8.4.0+9031+9abc7af9.aarch64.rpm Judy-debugsource-1.0.5-18.module+el8.4.0+9031+9abc7af9.aarch64.rpm galera-26.4.11-1.module+el8.6.0+15639+405b7427.aarch64.rpm galera-debuginfo-26.4.11-1.module+el8.6.0+15639+405b7427.aarch64.rpm galera-debugsource-26.4.11-1.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-backup-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-backup-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-common-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-debugsource-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-devel-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-embedded-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-embedded-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-embedded-devel-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-errmsg-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-gssapi-server-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-gssapi-server-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-oqgraph-engine-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-oqgraph-engine-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-pam-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-pam-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-server-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-server-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-server-galera-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-server-utils-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-server-utils-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-test-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm mariadb-test-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.aarch64.rpm ppc64le: Judy-1.0.5-18.module+el8.4.0+9031+9abc7af9.ppc64le.rpm Judy-debuginfo-1.0.5-18.module+el8.4.0+9031+9abc7af9.ppc64le.rpm Judy-debugsource-1.0.5-18.module+el8.4.0+9031+9abc7af9.ppc64le.rpm galera-26.4.11-1.module+el8.6.0+15639+405b7427.ppc64le.rpm galera-debuginfo-26.4.11-1.module+el8.6.0+15639+405b7427.ppc64le.rpm galera-debugsource-26.4.11-1.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-backup-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-backup-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-common-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-debugsource-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-devel-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-embedded-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-embedded-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-embedded-devel-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-errmsg-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-gssapi-server-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-gssapi-server-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-oqgraph-engine-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-oqgraph-engine-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-pam-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-pam-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-server-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-server-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-server-galera-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-server-utils-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-server-utils-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-test-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm mariadb-test-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.ppc64le.rpm s390x: Judy-1.0.5-18.module+el8.4.0+9031+9abc7af9.s390x.rpm Judy-debuginfo-1.0.5-18.module+el8.4.0+9031+9abc7af9.s390x.rpm Judy-debugsource-1.0.5-18.module+el8.4.0+9031+9abc7af9.s390x.rpm galera-26.4.11-1.module+el8.6.0+15639+405b7427.s390x.rpm galera-debuginfo-26.4.11-1.module+el8.6.0+15639+405b7427.s390x.rpm galera-debugsource-26.4.11-1.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-backup-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-backup-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-common-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-debugsource-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-devel-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-embedded-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-embedded-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-embedded-devel-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-errmsg-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-gssapi-server-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-gssapi-server-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-oqgraph-engine-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-oqgraph-engine-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-pam-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-pam-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-server-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-server-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-server-galera-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-server-utils-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-server-utils-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-test-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm mariadb-test-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.s390x.rpm x86_64: Judy-1.0.5-18.module+el8.4.0+9031+9abc7af9.x86_64.rpm Judy-debuginfo-1.0.5-18.module+el8.4.0+9031+9abc7af9.x86_64.rpm Judy-debugsource-1.0.5-18.module+el8.4.0+9031+9abc7af9.x86_64.rpm galera-26.4.11-1.module+el8.6.0+15639+405b7427.x86_64.rpm galera-debuginfo-26.4.11-1.module+el8.6.0+15639+405b7427.x86_64.rpm galera-debugsource-26.4.11-1.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-backup-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-backup-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-common-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-debugsource-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-devel-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-embedded-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-embedded-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-embedded-devel-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-errmsg-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-gssapi-server-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-gssapi-server-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-oqgraph-engine-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-oqgraph-engine-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-pam-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-pam-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-server-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-server-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-server-galera-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-server-utils-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-server-utils-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-test-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm mariadb-test-debuginfo-10.5.16-2.module+el8.6.0+15639+405b7427.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-46659 https://access.redhat.com/security/cve/CVE-2021-46661 https://access.redhat.com/security/cve/CVE-2021-46663 https://access.redhat.com/security/cve/CVE-2021-46664 https://access.redhat.com/security/cve/CVE-2021-46665 https://access.redhat.com/security/cve/CVE-2021-46668 https://access.redhat.com/security/cve/CVE-2021-46669 https://access.redhat.com/security/cve/CVE-2022-24048 https://access.redhat.com/security/cve/CVE-2022-24050 https://access.redhat.com/security/cve/CVE-2022-24051 https://access.redhat.com/security/cve/CVE-2022-24052 https://access.redhat.com/security/cve/CVE-2022-27376 https://access.redhat.com/security/cve/CVE-2022-27377 https://access.redhat.com/security/cve/CVE-2022-27378 https://access.redhat.com/security/cve/CVE-2022-27379 https://access.redhat.com/security/cve/CVE-2022-27380 https://access.redhat.com/security/cve/CVE-2022-27381 https://access.redhat.com/security/cve/CVE-2022-27382 https://access.redhat.com/security/cve/CVE-2022-27383 https://access.redhat.com/security/cve/CVE-2022-27384 https://access.redhat.com/security/cve/CVE-2022-27386 https://access.redhat.com/security/cve/CVE-2022-27387 https://access.redhat.com/security/cve/CVE-2022-27444 https://access.redhat.com/security/cve/CVE-2022-27445 https://access.redhat.com/security/cve/CVE-2022-27446 https://access.redhat.com/security/cve/CVE-2022-27447 https://access.redhat.com/security/cve/CVE-2022-27448 https://access.redhat.com/security/cve/CVE-2022-27449 https://access.redhat.com/security/cve/CVE-2022-27451 https://access.redhat.com/security/cve/CVE-2022-27452 https://access.redhat.com/security/cve/CVE-2022-27455 https://access.redhat.com/security/cve/CVE-2022-27456 https://access.redhat.com/security/cve/CVE-2022-27457 https://access.redhat.com/security/cve/CVE-2022-27458 https://access.redhat.com/security/cve/CVE-2022-31622 https://access.redhat.com/security/cve/CVE-2022-31623 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYuqthtzjgjWX9erEAQiKtQ/9HX7vbeUsOgRzBubYHjwVUXlkgoolo3Fg W83/H6LnMdImOlKZtCAzXMO8xF8IsXf4lCC9UDkZs7TZlTodMzl0p3y+HKlGVwHa 04Tp7oAj3TVsJ4jfMAEIuGwlffKOTPebi9JtBM+kbxEs/aWmyalevyNWIki+kZTU ejDYP9U7Xnztla2vmjjklI3gDUh33lWeu8q3O+EohpKydap8EGYBjH04zQsGVSBA e4JMhWLWJDcOFkYQVzai6Am4qHb0M3IaqOjlappTjUf+YLEgmLJiHcAswa1+jm4M D+YfjeuFEPQ5/SDhfjPZsc04pYQRzeWxR/911G257OEe3ZkRULImMUpmfKhQFNhn HvTuv9hPDJKjM1TEHqMXJPQtcFJLnfU0vFtlp1vuvbyF6pw0nKuvQX+YDnkCJiC3 0MEYlszfsmlkuLEo9AJbCmQtsJnMxxD+RxDDry0vixpwUmloy/8++FCIOgld1ghB d7EBHKSSgVp8bZ6nUnOLzikhSC/ORN/k0L68MWysKnC0Vq24GDzmPQ6n3o8oChSJ EmMa67vMc73rCgDMN8AnI0wRQI49ZttyOKRT9YyOW4fnovXCEYkiW2zyesuznyXP C56+xi2TKjQIZ8RmQKDTvm5zDpB/6+Cv/InnWzqgDlDrpgIjoJBETp1pE7ssCnfl p3dUOJzZPss=m1Z3 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce