Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2022:2129 - Security Advisory
Issued:
2022-05-10
Updated:
2022-05-10

RHSA-2022:2129 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: lynx security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for lynx is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Lynx is a text-based Web browser. Lynx does not display any images, but it does support frames, tables, and most other HTML tags.

Security Fix(es):

  • lynx: Disclosure of HTTP authentication credentials via SNI data (CVE-2021-38165)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64

Fixes

  • BZ - 1994998 - CVE-2021-38165 lynx: Disclosure of HTTP authentication credentials via SNI data

CVEs

  • CVE-2021-38165

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
lynx-2.8.9-4.el8.src.rpm SHA-256: a280a8a717ad3112215b0e4562600fc6ab319ab7ee3a41f2083445add224cc7e
x86_64
lynx-2.8.9-4.el8.x86_64.rpm SHA-256: 4301bb0bc0d9a63564a746837eb2e9c9dcd8db0aeb0cb7b7da4c72172240e373
lynx-debuginfo-2.8.9-4.el8.x86_64.rpm SHA-256: a1b02626de5f8ad5f68c3be2e5805b608d2b9bae1f19fff39622c3fdfd2c93f9
lynx-debugsource-2.8.9-4.el8.x86_64.rpm SHA-256: 585ecd210a186bd23d4a41d374adeecaa7a5f1a6c499c6ba808827cfc7ab9c74

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM
lynx-2.8.9-4.el8.src.rpm SHA-256: a280a8a717ad3112215b0e4562600fc6ab319ab7ee3a41f2083445add224cc7e
ppc64le
lynx-2.8.9-4.el8.ppc64le.rpm SHA-256: b166b270705d68151530d8cb86543b1aba83dd1cd1d2c0a76fe7dc726b090a44
lynx-debuginfo-2.8.9-4.el8.ppc64le.rpm SHA-256: 9e584300ee78cfbd2e61639b73c7e2697209924be8953bd89b3198aa8fffd0ab
lynx-debugsource-2.8.9-4.el8.ppc64le.rpm SHA-256: 9e0124f0d6d919f4b64a8b96f2f16cdec211b6e2df394b2bd5063bf60aea5e05

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
lynx-2.8.9-4.el8.src.rpm SHA-256: a280a8a717ad3112215b0e4562600fc6ab319ab7ee3a41f2083445add224cc7e
aarch64
lynx-2.8.9-4.el8.aarch64.rpm SHA-256: 0056a7903890ae0ed609255c41360b1766f9f51ebebc2ba10545599018b62c10
lynx-debuginfo-2.8.9-4.el8.aarch64.rpm SHA-256: 8ccf81b8ad77272309b82623b5b2ede003ea32a6958dceb7b2cfc944fac58a8f
lynx-debugsource-2.8.9-4.el8.aarch64.rpm SHA-256: 4c5ab59c8b9d42bd811bd150cd709072966ac0c6879b7371a832f8417dec82d1

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
lynx-2.8.9-4.el8.src.rpm SHA-256: a280a8a717ad3112215b0e4562600fc6ab319ab7ee3a41f2083445add224cc7e
s390x
lynx-2.8.9-4.el8.s390x.rpm SHA-256: 3475b6eb493a4d27f3f740a49febab877dead7156281d42772ee92d87b62046b
lynx-debuginfo-2.8.9-4.el8.s390x.rpm SHA-256: bad647484405ac28c20338b807f52c671e6d05357266528fd429f1fa08c457c3
lynx-debugsource-2.8.9-4.el8.s390x.rpm SHA-256: c8e28394f24ceed736667eb13a77134bc418b918e63fb7f3fe4ba612303a9e5e

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8

SRPM
lynx-2.8.9-4.el8.src.rpm SHA-256: a280a8a717ad3112215b0e4562600fc6ab319ab7ee3a41f2083445add224cc7e
x86_64
lynx-2.8.9-4.el8.x86_64.rpm SHA-256: 4301bb0bc0d9a63564a746837eb2e9c9dcd8db0aeb0cb7b7da4c72172240e373
lynx-debuginfo-2.8.9-4.el8.x86_64.rpm SHA-256: a1b02626de5f8ad5f68c3be2e5805b608d2b9bae1f19fff39622c3fdfd2c93f9
lynx-debugsource-2.8.9-4.el8.x86_64.rpm SHA-256: 585ecd210a186bd23d4a41d374adeecaa7a5f1a6c499c6ba808827cfc7ab9c74

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6

SRPM
lynx-2.8.9-4.el8.src.rpm SHA-256: a280a8a717ad3112215b0e4562600fc6ab319ab7ee3a41f2083445add224cc7e
x86_64
lynx-2.8.9-4.el8.x86_64.rpm SHA-256: 4301bb0bc0d9a63564a746837eb2e9c9dcd8db0aeb0cb7b7da4c72172240e373
lynx-debuginfo-2.8.9-4.el8.x86_64.rpm SHA-256: a1b02626de5f8ad5f68c3be2e5805b608d2b9bae1f19fff39622c3fdfd2c93f9
lynx-debugsource-2.8.9-4.el8.x86_64.rpm SHA-256: 585ecd210a186bd23d4a41d374adeecaa7a5f1a6c499c6ba808827cfc7ab9c74

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8

SRPM
lynx-2.8.9-4.el8.src.rpm SHA-256: a280a8a717ad3112215b0e4562600fc6ab319ab7ee3a41f2083445add224cc7e
ppc64le
lynx-2.8.9-4.el8.ppc64le.rpm SHA-256: b166b270705d68151530d8cb86543b1aba83dd1cd1d2c0a76fe7dc726b090a44
lynx-debuginfo-2.8.9-4.el8.ppc64le.rpm SHA-256: 9e584300ee78cfbd2e61639b73c7e2697209924be8953bd89b3198aa8fffd0ab
lynx-debugsource-2.8.9-4.el8.ppc64le.rpm SHA-256: 9e0124f0d6d919f4b64a8b96f2f16cdec211b6e2df394b2bd5063bf60aea5e05

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6

SRPM
lynx-2.8.9-4.el8.src.rpm SHA-256: a280a8a717ad3112215b0e4562600fc6ab319ab7ee3a41f2083445add224cc7e
ppc64le
lynx-2.8.9-4.el8.ppc64le.rpm SHA-256: b166b270705d68151530d8cb86543b1aba83dd1cd1d2c0a76fe7dc726b090a44
lynx-debuginfo-2.8.9-4.el8.ppc64le.rpm SHA-256: 9e584300ee78cfbd2e61639b73c7e2697209924be8953bd89b3198aa8fffd0ab
lynx-debugsource-2.8.9-4.el8.ppc64le.rpm SHA-256: 9e0124f0d6d919f4b64a8b96f2f16cdec211b6e2df394b2bd5063bf60aea5e05

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8

SRPM
lynx-2.8.9-4.el8.src.rpm SHA-256: a280a8a717ad3112215b0e4562600fc6ab319ab7ee3a41f2083445add224cc7e
s390x
lynx-2.8.9-4.el8.s390x.rpm SHA-256: 3475b6eb493a4d27f3f740a49febab877dead7156281d42772ee92d87b62046b
lynx-debuginfo-2.8.9-4.el8.s390x.rpm SHA-256: bad647484405ac28c20338b807f52c671e6d05357266528fd429f1fa08c457c3
lynx-debugsource-2.8.9-4.el8.s390x.rpm SHA-256: c8e28394f24ceed736667eb13a77134bc418b918e63fb7f3fe4ba612303a9e5e

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6

SRPM
lynx-2.8.9-4.el8.src.rpm SHA-256: a280a8a717ad3112215b0e4562600fc6ab319ab7ee3a41f2083445add224cc7e
s390x
lynx-2.8.9-4.el8.s390x.rpm SHA-256: 3475b6eb493a4d27f3f740a49febab877dead7156281d42772ee92d87b62046b
lynx-debuginfo-2.8.9-4.el8.s390x.rpm SHA-256: bad647484405ac28c20338b807f52c671e6d05357266528fd429f1fa08c457c3
lynx-debugsource-2.8.9-4.el8.s390x.rpm SHA-256: c8e28394f24ceed736667eb13a77134bc418b918e63fb7f3fe4ba612303a9e5e

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8

SRPM
lynx-2.8.9-4.el8.src.rpm SHA-256: a280a8a717ad3112215b0e4562600fc6ab319ab7ee3a41f2083445add224cc7e
aarch64
lynx-2.8.9-4.el8.aarch64.rpm SHA-256: 0056a7903890ae0ed609255c41360b1766f9f51ebebc2ba10545599018b62c10
lynx-debuginfo-2.8.9-4.el8.aarch64.rpm SHA-256: 8ccf81b8ad77272309b82623b5b2ede003ea32a6958dceb7b2cfc944fac58a8f
lynx-debugsource-2.8.9-4.el8.aarch64.rpm SHA-256: 4c5ab59c8b9d42bd811bd150cd709072966ac0c6879b7371a832f8417dec82d1

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6

SRPM
lynx-2.8.9-4.el8.src.rpm SHA-256: a280a8a717ad3112215b0e4562600fc6ab319ab7ee3a41f2083445add224cc7e
aarch64
lynx-2.8.9-4.el8.aarch64.rpm SHA-256: 0056a7903890ae0ed609255c41360b1766f9f51ebebc2ba10545599018b62c10
lynx-debuginfo-2.8.9-4.el8.aarch64.rpm SHA-256: 8ccf81b8ad77272309b82623b5b2ede003ea32a6958dceb7b2cfc944fac58a8f
lynx-debugsource-2.8.9-4.el8.aarch64.rpm SHA-256: 4c5ab59c8b9d42bd811bd150cd709072966ac0c6879b7371a832f8417dec82d1

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility