Issued:
2022-05-10
Updated:
2022-05-10

RHSA-2022:1801 - Security Advisory

Synopsis

Moderate: gfbgraph security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for gfbgraph is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GLib/GObject wrapper for the Facebook Graph API that integrates with GNOME Online Accounts.

The following packages have been upgraded to a later upstream version: gfbgraph (0.2.4). (BZ#1997941)

Security Fix(es):

  • gfbgraph: missing TLS certificate verification (CVE-2021-39358)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 1997139 - CVE-2021-39358 gfbgraph: missing TLS certificate verification

Red Hat Enterprise Linux for x86_64 8

SRPM
gfbgraph-0.2.4-1.el8.src.rpm SHA-256: 4930fc3e0f98e55239f15b581c1c1db37dbe9c827785454d1f8ab3d277a1e74a
x86_64
gfbgraph-0.2.4-1.el8.i686.rpm SHA-256: c39f882f897758bbcf32546eda0c215873555a85641d785518c04c28d08e79b0
gfbgraph-0.2.4-1.el8.x86_64.rpm SHA-256: 8aa2eb647e7e0b50f4c7786c6026ac6ad8dc9f712e897be3ca098eef38d4171b
gfbgraph-debuginfo-0.2.4-1.el8.i686.rpm SHA-256: 4403188ed7acb0d9a0109144c19a0f0af2086a5751349957b1654df122c67fae
gfbgraph-debuginfo-0.2.4-1.el8.x86_64.rpm SHA-256: 9d832885ced9538dfaf4f7878c98d725297224c562d27818ed35f9fc6bcf3031
gfbgraph-debugsource-0.2.4-1.el8.i686.rpm SHA-256: 941c4ddddd61bd8702c0bec21625d8891d7094b6f849a60b7efdb1c0472dc1f9
gfbgraph-debugsource-0.2.4-1.el8.x86_64.rpm SHA-256: f12f91736a3d60b781d9f793e6485a76b39139f58b48c6c8075a3b809efb0de5

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM
gfbgraph-0.2.4-1.el8.src.rpm SHA-256: 4930fc3e0f98e55239f15b581c1c1db37dbe9c827785454d1f8ab3d277a1e74a
x86_64
gfbgraph-0.2.4-1.el8.i686.rpm SHA-256: c39f882f897758bbcf32546eda0c215873555a85641d785518c04c28d08e79b0
gfbgraph-0.2.4-1.el8.x86_64.rpm SHA-256: 8aa2eb647e7e0b50f4c7786c6026ac6ad8dc9f712e897be3ca098eef38d4171b
gfbgraph-debuginfo-0.2.4-1.el8.i686.rpm SHA-256: 4403188ed7acb0d9a0109144c19a0f0af2086a5751349957b1654df122c67fae
gfbgraph-debuginfo-0.2.4-1.el8.x86_64.rpm SHA-256: 9d832885ced9538dfaf4f7878c98d725297224c562d27818ed35f9fc6bcf3031
gfbgraph-debugsource-0.2.4-1.el8.i686.rpm SHA-256: 941c4ddddd61bd8702c0bec21625d8891d7094b6f849a60b7efdb1c0472dc1f9
gfbgraph-debugsource-0.2.4-1.el8.x86_64.rpm SHA-256: f12f91736a3d60b781d9f793e6485a76b39139f58b48c6c8075a3b809efb0de5

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
gfbgraph-0.2.4-1.el8.src.rpm SHA-256: 4930fc3e0f98e55239f15b581c1c1db37dbe9c827785454d1f8ab3d277a1e74a
x86_64
gfbgraph-0.2.4-1.el8.i686.rpm SHA-256: c39f882f897758bbcf32546eda0c215873555a85641d785518c04c28d08e79b0
gfbgraph-0.2.4-1.el8.x86_64.rpm SHA-256: 8aa2eb647e7e0b50f4c7786c6026ac6ad8dc9f712e897be3ca098eef38d4171b
gfbgraph-debuginfo-0.2.4-1.el8.i686.rpm SHA-256: 4403188ed7acb0d9a0109144c19a0f0af2086a5751349957b1654df122c67fae
gfbgraph-debuginfo-0.2.4-1.el8.x86_64.rpm SHA-256: 9d832885ced9538dfaf4f7878c98d725297224c562d27818ed35f9fc6bcf3031
gfbgraph-debugsource-0.2.4-1.el8.i686.rpm SHA-256: 941c4ddddd61bd8702c0bec21625d8891d7094b6f849a60b7efdb1c0472dc1f9
gfbgraph-debugsource-0.2.4-1.el8.x86_64.rpm SHA-256: f12f91736a3d60b781d9f793e6485a76b39139f58b48c6c8075a3b809efb0de5

Red Hat Enterprise Linux for Power, little endian 8

SRPM
gfbgraph-0.2.4-1.el8.src.rpm SHA-256: 4930fc3e0f98e55239f15b581c1c1db37dbe9c827785454d1f8ab3d277a1e74a
ppc64le
gfbgraph-0.2.4-1.el8.ppc64le.rpm SHA-256: cf1ede4a7e6d2d4735b97b5a103c311f991e25d8100b68f440fb02259eaaa333
gfbgraph-debuginfo-0.2.4-1.el8.ppc64le.rpm SHA-256: 46b0cb8f111accc6285c266031a46095516a2650d324608ee2bf3aeb74e06a69
gfbgraph-debugsource-0.2.4-1.el8.ppc64le.rpm SHA-256: 026561634dd341212b43baaf619985257b2a18341e52a45a2161c36a5b05f942

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM
gfbgraph-0.2.4-1.el8.src.rpm SHA-256: 4930fc3e0f98e55239f15b581c1c1db37dbe9c827785454d1f8ab3d277a1e74a
ppc64le
gfbgraph-0.2.4-1.el8.ppc64le.rpm SHA-256: cf1ede4a7e6d2d4735b97b5a103c311f991e25d8100b68f440fb02259eaaa333
gfbgraph-debuginfo-0.2.4-1.el8.ppc64le.rpm SHA-256: 46b0cb8f111accc6285c266031a46095516a2650d324608ee2bf3aeb74e06a69
gfbgraph-debugsource-0.2.4-1.el8.ppc64le.rpm SHA-256: 026561634dd341212b43baaf619985257b2a18341e52a45a2161c36a5b05f942

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
gfbgraph-0.2.4-1.el8.src.rpm SHA-256: 4930fc3e0f98e55239f15b581c1c1db37dbe9c827785454d1f8ab3d277a1e74a
x86_64
gfbgraph-0.2.4-1.el8.i686.rpm SHA-256: c39f882f897758bbcf32546eda0c215873555a85641d785518c04c28d08e79b0
gfbgraph-0.2.4-1.el8.x86_64.rpm SHA-256: 8aa2eb647e7e0b50f4c7786c6026ac6ad8dc9f712e897be3ca098eef38d4171b
gfbgraph-debuginfo-0.2.4-1.el8.i686.rpm SHA-256: 4403188ed7acb0d9a0109144c19a0f0af2086a5751349957b1654df122c67fae
gfbgraph-debuginfo-0.2.4-1.el8.x86_64.rpm SHA-256: 9d832885ced9538dfaf4f7878c98d725297224c562d27818ed35f9fc6bcf3031
gfbgraph-debugsource-0.2.4-1.el8.i686.rpm SHA-256: 941c4ddddd61bd8702c0bec21625d8891d7094b6f849a60b7efdb1c0472dc1f9
gfbgraph-debugsource-0.2.4-1.el8.x86_64.rpm SHA-256: f12f91736a3d60b781d9f793e6485a76b39139f58b48c6c8075a3b809efb0de5

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
gfbgraph-0.2.4-1.el8.src.rpm SHA-256: 4930fc3e0f98e55239f15b581c1c1db37dbe9c827785454d1f8ab3d277a1e74a
ppc64le
gfbgraph-0.2.4-1.el8.ppc64le.rpm SHA-256: cf1ede4a7e6d2d4735b97b5a103c311f991e25d8100b68f440fb02259eaaa333
gfbgraph-debuginfo-0.2.4-1.el8.ppc64le.rpm SHA-256: 46b0cb8f111accc6285c266031a46095516a2650d324608ee2bf3aeb74e06a69
gfbgraph-debugsource-0.2.4-1.el8.ppc64le.rpm SHA-256: 026561634dd341212b43baaf619985257b2a18341e52a45a2161c36a5b05f942

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
gfbgraph-0.2.4-1.el8.src.rpm SHA-256: 4930fc3e0f98e55239f15b581c1c1db37dbe9c827785454d1f8ab3d277a1e74a
x86_64
gfbgraph-0.2.4-1.el8.i686.rpm SHA-256: c39f882f897758bbcf32546eda0c215873555a85641d785518c04c28d08e79b0
gfbgraph-0.2.4-1.el8.x86_64.rpm SHA-256: 8aa2eb647e7e0b50f4c7786c6026ac6ad8dc9f712e897be3ca098eef38d4171b
gfbgraph-debuginfo-0.2.4-1.el8.i686.rpm SHA-256: 4403188ed7acb0d9a0109144c19a0f0af2086a5751349957b1654df122c67fae
gfbgraph-debuginfo-0.2.4-1.el8.x86_64.rpm SHA-256: 9d832885ced9538dfaf4f7878c98d725297224c562d27818ed35f9fc6bcf3031
gfbgraph-debugsource-0.2.4-1.el8.i686.rpm SHA-256: 941c4ddddd61bd8702c0bec21625d8891d7094b6f849a60b7efdb1c0472dc1f9
gfbgraph-debugsource-0.2.4-1.el8.x86_64.rpm SHA-256: f12f91736a3d60b781d9f793e6485a76b39139f58b48c6c8075a3b809efb0de5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.