Alerta temprana

TLP:CLEAR PAP:WHITE

Avisos de seguridad de Red Hat

Descripción

RHSA-2023:5710, RHSA-2023:5708, RHSA-2023:5707, RHSA-2023:5705, RHSA-2023:5706 : actualización de seguridad dotnet6.0.

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487).

RHSA-2023:5749 : Actualización de seguridad de .NET 7.0.

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487).

RHSA-2023:5716 : Actualización de seguridad de Red Hat Data Grid 8.4.5.

netty-codec-http2: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487).

RHSA-2023:5719 : Actualización de seguridad go-toolset-1.19 y go-toolset-1.19-golang.

golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487] (CVE-2023-39325).
HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487).

RHSA-2023:5721 : actualización de seguridad rhel8.

golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487] (CVE-2023-39325).
HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487).

RHSA-2023:5738 : Actualización de seguridad y corrección de errores de go-toolset y golang.

golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487] (CVE-2023-39325).
HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487).
golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409).

Productos afectados

RHSA-2023:5710

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
Red Hat Enterprise Linux Server - TUS 8.8 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64

RHSA-2023:5708

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
Red Hat Enterprise Linux Server - AUS 9.2 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
Red Hat Enterprise Linux for ARM 64 9 aarch64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
Red Hat CodeReady Linux Builder for x86_64 9 x86_64
Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.2 x86_64
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2 aarch64
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2 aarch64
Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2 s390x

RHSA-2023:5707

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
Red Hat Enterprise Linux Server - AUS 8.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
Red Hat Enterprise Linux Server - TUS 8.6 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64

RHSA-2023:5705

dotNET on RHEL (for RHEL Server) 1 x86_64
dotNET on RHEL (for RHEL Workstation) 1 x86_64
dotNET on RHEL (for RHEL Compute Node) 1 x86_64

RHSA-2023:5706

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x

RHSA-2023:5749

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
Red Hat Enterprise Linux Server - AUS 9.2 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
Red Hat Enterprise Linux for ARM 64 9 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
Red Hat CodeReady Linux Builder for x86_64 9 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.2 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.2 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2 aarch64
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2 aarch64
Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2 s390x

RHSA-2023:5716

Red Hat JBoss Data Grid Text-Only Advisories x86_64

RHSA-2023:5719

Red Hat Developer Tools (for RHEL Workstation) 1 x86_64
Red Hat Developer Tools (for RHEL Server) 1 x86_64
Red Hat Developer Tools (for RHEL Server for System Z) 1 s390x
Red Hat Developer Tools (for RHEL Server for IBM Power LE) 1 ppc64le

RHSA-2023:5721

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
Red Hat Enterprise Linux Server - TUS 8.8 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

RHSA-2023:5738

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
Red Hat Enterprise Linux Server - AUS 9.2 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
Red Hat Enterprise Linux for ARM 64 9 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2 aarch64
Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2 s390x

Riesgo

Alto

Soluciones

Para obtener detalles sobre cómo aplicar estas actualizaciones, que incluyen los cambios descritos en este aviso, consulte: https://access.redhat.com/articles/11258

Referencias

Publicación oficial

Contacto

Para más información, cualquier otra incidencia o problema de seguridad, puede ponerse en contacto a través de nuestra dirección de correo csirt@seresco.es