Red Hat Product Errata RHSA-2022:0987 - Security Advisory
Issued:
2022-03-24
Updated:
2022-03-24

RHSA-2022:0987 - Security Advisory

Synopsis

Moderate: Red Hat OpenStack Platform 16.1 (numpy) security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for numpy is now available for Red Hat OpenStack Platform 16.1
(Train).

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

Description

A fast multidimensional array facility for Python

Security Fix(es):

  • buffer overflow in the PyArray_NewFromDescr_int() in ctors.c

(CVE-2021-33430)

  • buffer overflow in the array_from_pyobj() in fortranobject.c

(CVE-2021-41496)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

Solution

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenStack for IBM Power 16.1 ppc64le
  • Red Hat OpenStack 16.1 x86_64
  • Red Hat OpenStack Director Deployment Tools 16.1 x86_64
  • Red Hat OpenStack Director Deployment Tools for IBM Power LE 16.1 ppc64le
  • Cinderlib 16.1 x86_64
  • Cinderlib for IBM Power LE 16.1 ppc64le

Fixes

  • BZ - 2035034 - CVE-2021-33430 numpy: buffer overflow in the PyArray_NewFromDescr_int() in ctors.c
  • BZ - 2035040 - CVE-2021-41496 numpy: buffer overflow in the array_from_pyobj() in fortranobject.c

Red Hat OpenStack for IBM Power 16.1

SRPM
numpy-1.17.0-8.el8ost.src.rpm SHA-256: 7c0c08869112539ac0752feb3e4c67423d538f2ec64caed5de7631768b97113f
ppc64le
numpy-debugsource-1.17.0-8.el8ost.ppc64le.rpm SHA-256: 4030cfad06769e657bdb8839926d90c7c7b9c7c27bb6b7e7e2bd2635c1bb6db7
python3-numpy-1.17.0-8.el8ost.ppc64le.rpm SHA-256: 1e232d9471e6899ff862f0ea76c35ce6babafac1724b417612426802fbb1fda5
python3-numpy-debuginfo-1.17.0-8.el8ost.ppc64le.rpm SHA-256: 6f9804c09905589d4b5044587fcce2fd0438477f6bb5883f69f4763bf31731e0
python3-numpy-f2py-1.17.0-8.el8ost.ppc64le.rpm SHA-256: 4eb327f0e673a617275f43970bf80cd922bb107b32c3723591ab2342692ae2cf

Red Hat OpenStack 16.1

SRPM
numpy-1.17.0-8.el8ost.src.rpm SHA-256: 7c0c08869112539ac0752feb3e4c67423d538f2ec64caed5de7631768b97113f
x86_64
numpy-debugsource-1.17.0-8.el8ost.x86_64.rpm SHA-256: 497876560c1c7cbac39cbf125fbbbf2906a6c1d4fd384e398dfb5ed19b96cca0
python3-numpy-1.17.0-8.el8ost.x86_64.rpm SHA-256: 485191dbd8b2c1ad79af85901c64fa74a0dd8ceedc89856261ccf19d230cad9c
python3-numpy-debuginfo-1.17.0-8.el8ost.x86_64.rpm SHA-256: fa307900d1176f4dbfa1a2fa2b1acbe7b37860d1fb11a9b86792375b49a6b518
python3-numpy-f2py-1.17.0-8.el8ost.x86_64.rpm SHA-256: 245f8a15a2e75449ed0fbb9d3726854d7dbac5ce2dc262706688fca9df78da0a

Red Hat OpenStack Director Deployment Tools 16.1

SRPM
numpy-1.17.0-8.el8ost.src.rpm SHA-256: 7c0c08869112539ac0752feb3e4c67423d538f2ec64caed5de7631768b97113f
x86_64
numpy-debugsource-1.17.0-8.el8ost.x86_64.rpm SHA-256: 497876560c1c7cbac39cbf125fbbbf2906a6c1d4fd384e398dfb5ed19b96cca0
python3-numpy-1.17.0-8.el8ost.x86_64.rpm SHA-256: 485191dbd8b2c1ad79af85901c64fa74a0dd8ceedc89856261ccf19d230cad9c
python3-numpy-debuginfo-1.17.0-8.el8ost.x86_64.rpm SHA-256: fa307900d1176f4dbfa1a2fa2b1acbe7b37860d1fb11a9b86792375b49a6b518
python3-numpy-f2py-1.17.0-8.el8ost.x86_64.rpm SHA-256: 245f8a15a2e75449ed0fbb9d3726854d7dbac5ce2dc262706688fca9df78da0a

Red Hat OpenStack Director Deployment Tools for IBM Power LE 16.1

SRPM
numpy-1.17.0-8.el8ost.src.rpm SHA-256: 7c0c08869112539ac0752feb3e4c67423d538f2ec64caed5de7631768b97113f
ppc64le
numpy-debugsource-1.17.0-8.el8ost.ppc64le.rpm SHA-256: 4030cfad06769e657bdb8839926d90c7c7b9c7c27bb6b7e7e2bd2635c1bb6db7
python3-numpy-1.17.0-8.el8ost.ppc64le.rpm SHA-256: 1e232d9471e6899ff862f0ea76c35ce6babafac1724b417612426802fbb1fda5
python3-numpy-debuginfo-1.17.0-8.el8ost.ppc64le.rpm SHA-256: 6f9804c09905589d4b5044587fcce2fd0438477f6bb5883f69f4763bf31731e0
python3-numpy-f2py-1.17.0-8.el8ost.ppc64le.rpm SHA-256: 4eb327f0e673a617275f43970bf80cd922bb107b32c3723591ab2342692ae2cf

Cinderlib 16.1

SRPM
numpy-1.17.0-8.el8ost.src.rpm SHA-256: 7c0c08869112539ac0752feb3e4c67423d538f2ec64caed5de7631768b97113f
x86_64
numpy-debugsource-1.17.0-8.el8ost.x86_64.rpm SHA-256: 497876560c1c7cbac39cbf125fbbbf2906a6c1d4fd384e398dfb5ed19b96cca0
python3-numpy-1.17.0-8.el8ost.x86_64.rpm SHA-256: 485191dbd8b2c1ad79af85901c64fa74a0dd8ceedc89856261ccf19d230cad9c
python3-numpy-debuginfo-1.17.0-8.el8ost.x86_64.rpm SHA-256: fa307900d1176f4dbfa1a2fa2b1acbe7b37860d1fb11a9b86792375b49a6b518
python3-numpy-f2py-1.17.0-8.el8ost.x86_64.rpm SHA-256: 245f8a15a2e75449ed0fbb9d3726854d7dbac5ce2dc262706688fca9df78da0a

Cinderlib for IBM Power LE 16.1

SRPM
numpy-1.17.0-8.el8ost.src.rpm SHA-256: 7c0c08869112539ac0752feb3e4c67423d538f2ec64caed5de7631768b97113f
ppc64le
numpy-debugsource-1.17.0-8.el8ost.ppc64le.rpm SHA-256: 4030cfad06769e657bdb8839926d90c7c7b9c7c27bb6b7e7e2bd2635c1bb6db7
python3-numpy-1.17.0-8.el8ost.ppc64le.rpm SHA-256: 1e232d9471e6899ff862f0ea76c35ce6babafac1724b417612426802fbb1fda5
python3-numpy-debuginfo-1.17.0-8.el8ost.ppc64le.rpm SHA-256: 6f9804c09905589d4b5044587fcce2fd0438477f6bb5883f69f4763bf31731e0
python3-numpy-f2py-1.17.0-8.el8ost.ppc64le.rpm SHA-256: 4eb327f0e673a617275f43970bf80cd922bb107b32c3723591ab2342692ae2cf

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.