RHSA-2023:6346

Description

Red Hat Security Advisory: toolbox security and bug fix update

CVSS Metrics

• v3.1•CRITICAL•Score: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•toolbox

  < 0:0.0.99.4-6.el9_3

• redhat•toolbox-debuginfo

  < 0:0.0.99.4-6.el9_3

• redhat•toolbox-debugsource

  < 0:0.0.99.4-6.el9_3

• redhat•toolbox-tests

  < 0:0.0.99.4-6.el9_3

References (69)

• https://access.redhat.com/errata/RHSA-2023:6346
• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.3_release_notes/index
• https://bugzilla.redhat.com/show_bug.cgi?id=2163037
• https://bugzilla.redhat.com/show_bug.cgi?id=2165742
• https://bugzilla.redhat.com/show_bug.cgi?id=2178358
• https://bugzilla.redhat.com/show_bug.cgi?id=2178488
• https://bugzilla.redhat.com/show_bug.cgi?id=2184481
• https://bugzilla.redhat.com/show_bug.cgi?id=2184482
• https://bugzilla.redhat.com/show_bug.cgi?id=2184483
• https://bugzilla.redhat.com/show_bug.cgi?id=2196026
• https://bugzilla.redhat.com/show_bug.cgi?id=2196027
• https://bugzilla.redhat.com/show_bug.cgi?id=2196029
• https://bugzilla.redhat.com/show_bug.cgi?id=2222167
• https://bugzilla.redhat.com/show_bug.cgi?id=2222789
• https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6346.json
• https://access.redhat.com/security/cve/CVE-2022-3064
• https://www.cve.org/CVERecord?id=CVE-2022-3064
• https://nvd.nist.gov/vuln/detail/CVE-2022-3064
• https://github.com/advisories/GHSA-6q6q-88xp-6f2r
• https://github.com/go-yaml/yaml/commit/f221b8435cfb71e54062f6c6e99e9ade30b124d5
• https://github.com/go-yaml/yaml/releases/tag/v2.2.4
• https://pkg.go.dev/vuln/GO-2022-0956
• https://access.redhat.com/security/cve/CVE-2022-41723
• https://www.cve.org/CVERecord?id=CVE-2022-41723
• https://nvd.nist.gov/vuln/detail/CVE-2022-41723
• https://github.com/advisories/GHSA-vvpx-j8f3-3w6h
• https://go.dev/cl/468135
• https://go.dev/cl/468295
• https://go.dev/issue/57855
• https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
• https://pkg.go.dev/vuln/GO-2023-1571
• https://vuln.go.dev/ID/GO-2023-1571.json
• https://access.redhat.com/security/cve/CVE-2022-41725
• https://www.cve.org/CVERecord?id=CVE-2022-41725
• https://nvd.nist.gov/vuln/detail/CVE-2022-41725
• https://go.dev/cl/468124
• https://go.dev/issue/58006
• https://pkg.go.dev/vuln/GO-2023-1569
• https://access.redhat.com/security/cve/CVE-2023-24534
• https://www.cve.org/CVERecord?id=CVE-2023-24534
• https://nvd.nist.gov/vuln/detail/CVE-2023-24534
• https://go.dev/issue/58975
• https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8
• https://access.redhat.com/security/cve/CVE-2023-24536
• https://www.cve.org/CVERecord?id=CVE-2023-24536
• https://nvd.nist.gov/vuln/detail/CVE-2023-24536
• https://go.dev/issue/59153
• https://access.redhat.com/security/cve/CVE-2023-24538
• https://www.cve.org/CVERecord?id=CVE-2023-24538
• https://nvd.nist.gov/vuln/detail/CVE-2023-24538
• https://github.com/golang/go/issues/59234
• https://access.redhat.com/security/cve/CVE-2023-24539
• https://www.cve.org/CVERecord?id=CVE-2023-24539
• https://nvd.nist.gov/vuln/detail/CVE-2023-24539
• https://github.com/golang/go/issues/59720
• https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU
• https://access.redhat.com/security/cve/CVE-2023-24540
• https://www.cve.org/CVERecord?id=CVE-2023-24540
• https://nvd.nist.gov/vuln/detail/CVE-2023-24540
• https://go.dev/issue/59721
• https://access.redhat.com/security/cve/CVE-2023-29400
• https://www.cve.org/CVERecord?id=CVE-2023-29400
• https://nvd.nist.gov/vuln/detail/CVE-2023-29400
• https://go.dev/issue/59722
• https://access.redhat.com/security/cve/CVE-2023-29406
• https://www.cve.org/CVERecord?id=CVE-2023-29406
• https://nvd.nist.gov/vuln/detail/CVE-2023-29406
• https://groups.google.com/g/golang-announce/c/2q13H6LEEx0