Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2022:5052 - Security Advisory
Issued:
2022-06-15
Updated:
2022-06-15

RHSA-2022:5052 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: xz security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for xz is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.

Security Fix(es):

  • gzip: arbitrary-file-write vulnerability (CVE-2022-1271)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 2073310 - CVE-2022-1271 gzip: arbitrary-file-write vulnerability

CVEs

  • CVE-2022-1271

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
xz-5.2.2-2.el7_9.src.rpm SHA-256: ee2782b5dcc34245e7b11c34bf0651bc0e2c6a2cd4e72a769aaf1fa83ea7a338 Download
x86_64
xz-5.2.2-2.el7_9.x86_64.rpm SHA-256: 7050a428bd8a62a5d2c6f4374e4e771792dce4907d25a1eb99496bf8deeb76ac Download
xz-compat-libs-5.2.2-2.el7_9.i686.rpm SHA-256: c871101ea851c1432f577660ab24f2ed437ec1e07e7276c93933f0939722f6cb Download
xz-compat-libs-5.2.2-2.el7_9.x86_64.rpm SHA-256: 03ac96746e08a1bb46e02498576510a52648f5d06ccf64145803bf7c36d1c2b9 Download
xz-debuginfo-5.2.2-2.el7_9.i686.rpm SHA-256: 9502f47e7a372d7daf166d9e0d751fbafebbbc39bffd9f63c79fa6f8f34e5500 Download
xz-debuginfo-5.2.2-2.el7_9.i686.rpm SHA-256: 9502f47e7a372d7daf166d9e0d751fbafebbbc39bffd9f63c79fa6f8f34e5500 Download
xz-debuginfo-5.2.2-2.el7_9.x86_64.rpm SHA-256: b71a20e4e59cdcfe6e97b5d8a74150f656375d7aeae04ccdf7593ce0971b8362 Download
xz-debuginfo-5.2.2-2.el7_9.x86_64.rpm SHA-256: b71a20e4e59cdcfe6e97b5d8a74150f656375d7aeae04ccdf7593ce0971b8362 Download
xz-devel-5.2.2-2.el7_9.i686.rpm SHA-256: e8db171c964cf442614961b4efd0fdc01b6d11f3eced796ce9ef92c64cb1b5f8 Download
xz-devel-5.2.2-2.el7_9.x86_64.rpm SHA-256: 3c5fccbb029393814ea9f112a1b33483d5d8f662687a7031e3cba722154ced69 Download
xz-libs-5.2.2-2.el7_9.i686.rpm SHA-256: fe93102ec27f211425d80e9fe12fc6afb517f9624e255e0b997796973f46a007 Download
xz-libs-5.2.2-2.el7_9.x86_64.rpm SHA-256: 0f834cba39f747e26818fcb9f97125ebc304a31c326be1eae6602fd9f193a29b Download
xz-lzma-compat-5.2.2-2.el7_9.x86_64.rpm SHA-256: e965a5e3fce6264a6706e80b02ffe7071867cb821f754635ea0ceba8d9c354eb Download

Red Hat Enterprise Linux Workstation 7

SRPM
xz-5.2.2-2.el7_9.src.rpm SHA-256: ee2782b5dcc34245e7b11c34bf0651bc0e2c6a2cd4e72a769aaf1fa83ea7a338
x86_64
xz-5.2.2-2.el7_9.x86_64.rpm SHA-256: 7050a428bd8a62a5d2c6f4374e4e771792dce4907d25a1eb99496bf8deeb76ac
xz-compat-libs-5.2.2-2.el7_9.i686.rpm SHA-256: c871101ea851c1432f577660ab24f2ed437ec1e07e7276c93933f0939722f6cb
xz-compat-libs-5.2.2-2.el7_9.x86_64.rpm SHA-256: 03ac96746e08a1bb46e02498576510a52648f5d06ccf64145803bf7c36d1c2b9
xz-debuginfo-5.2.2-2.el7_9.i686.rpm SHA-256: 9502f47e7a372d7daf166d9e0d751fbafebbbc39bffd9f63c79fa6f8f34e5500
xz-debuginfo-5.2.2-2.el7_9.i686.rpm SHA-256: 9502f47e7a372d7daf166d9e0d751fbafebbbc39bffd9f63c79fa6f8f34e5500
xz-debuginfo-5.2.2-2.el7_9.x86_64.rpm SHA-256: b71a20e4e59cdcfe6e97b5d8a74150f656375d7aeae04ccdf7593ce0971b8362
xz-debuginfo-5.2.2-2.el7_9.x86_64.rpm SHA-256: b71a20e4e59cdcfe6e97b5d8a74150f656375d7aeae04ccdf7593ce0971b8362
xz-devel-5.2.2-2.el7_9.i686.rpm SHA-256: e8db171c964cf442614961b4efd0fdc01b6d11f3eced796ce9ef92c64cb1b5f8
xz-devel-5.2.2-2.el7_9.x86_64.rpm SHA-256: 3c5fccbb029393814ea9f112a1b33483d5d8f662687a7031e3cba722154ced69
xz-libs-5.2.2-2.el7_9.i686.rpm SHA-256: fe93102ec27f211425d80e9fe12fc6afb517f9624e255e0b997796973f46a007
xz-libs-5.2.2-2.el7_9.x86_64.rpm SHA-256: 0f834cba39f747e26818fcb9f97125ebc304a31c326be1eae6602fd9f193a29b
xz-lzma-compat-5.2.2-2.el7_9.x86_64.rpm SHA-256: e965a5e3fce6264a6706e80b02ffe7071867cb821f754635ea0ceba8d9c354eb

Red Hat Enterprise Linux Desktop 7

SRPM
xz-5.2.2-2.el7_9.src.rpm SHA-256: ee2782b5dcc34245e7b11c34bf0651bc0e2c6a2cd4e72a769aaf1fa83ea7a338
x86_64
xz-5.2.2-2.el7_9.x86_64.rpm SHA-256: 7050a428bd8a62a5d2c6f4374e4e771792dce4907d25a1eb99496bf8deeb76ac
xz-compat-libs-5.2.2-2.el7_9.i686.rpm SHA-256: c871101ea851c1432f577660ab24f2ed437ec1e07e7276c93933f0939722f6cb
xz-compat-libs-5.2.2-2.el7_9.x86_64.rpm SHA-256: 03ac96746e08a1bb46e02498576510a52648f5d06ccf64145803bf7c36d1c2b9
xz-debuginfo-5.2.2-2.el7_9.i686.rpm SHA-256: 9502f47e7a372d7daf166d9e0d751fbafebbbc39bffd9f63c79fa6f8f34e5500
xz-debuginfo-5.2.2-2.el7_9.i686.rpm SHA-256: 9502f47e7a372d7daf166d9e0d751fbafebbbc39bffd9f63c79fa6f8f34e5500
xz-debuginfo-5.2.2-2.el7_9.x86_64.rpm SHA-256: b71a20e4e59cdcfe6e97b5d8a74150f656375d7aeae04ccdf7593ce0971b8362
xz-debuginfo-5.2.2-2.el7_9.x86_64.rpm SHA-256: b71a20e4e59cdcfe6e97b5d8a74150f656375d7aeae04ccdf7593ce0971b8362
xz-devel-5.2.2-2.el7_9.i686.rpm SHA-256: e8db171c964cf442614961b4efd0fdc01b6d11f3eced796ce9ef92c64cb1b5f8
xz-devel-5.2.2-2.el7_9.x86_64.rpm SHA-256: 3c5fccbb029393814ea9f112a1b33483d5d8f662687a7031e3cba722154ced69
xz-libs-5.2.2-2.el7_9.i686.rpm SHA-256: fe93102ec27f211425d80e9fe12fc6afb517f9624e255e0b997796973f46a007
xz-libs-5.2.2-2.el7_9.x86_64.rpm SHA-256: 0f834cba39f747e26818fcb9f97125ebc304a31c326be1eae6602fd9f193a29b
xz-lzma-compat-5.2.2-2.el7_9.x86_64.rpm SHA-256: e965a5e3fce6264a6706e80b02ffe7071867cb821f754635ea0ceba8d9c354eb

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
xz-5.2.2-2.el7_9.src.rpm SHA-256: ee2782b5dcc34245e7b11c34bf0651bc0e2c6a2cd4e72a769aaf1fa83ea7a338
s390x
xz-5.2.2-2.el7_9.s390x.rpm SHA-256: 5efdc1de15d0cf5e2c675dbed1f1595a0354bcdeb52e0eaeac7e5239a54d1123
xz-compat-libs-5.2.2-2.el7_9.s390.rpm SHA-256: 5213590ea9248c5788d762d81b5d5704f046878a44d27e5dc9ca3d8bd8157f6a
xz-compat-libs-5.2.2-2.el7_9.s390x.rpm SHA-256: 348e61d12103da68562aa21ca5610747a8faa2c9068518b4ed5b69715d9b6e41
xz-debuginfo-5.2.2-2.el7_9.s390.rpm SHA-256: 7710453085f015ae5eed0a83b24ce46f0bca153cbf59d061e1bc3dad407a5aa8
xz-debuginfo-5.2.2-2.el7_9.s390.rpm SHA-256: 7710453085f015ae5eed0a83b24ce46f0bca153cbf59d061e1bc3dad407a5aa8
xz-debuginfo-5.2.2-2.el7_9.s390x.rpm SHA-256: a5be39cacb5e482a1c4395e9cdee65720ee07dd3a32fd433d46ea1013c3b2d69
xz-debuginfo-5.2.2-2.el7_9.s390x.rpm SHA-256: a5be39cacb5e482a1c4395e9cdee65720ee07dd3a32fd433d46ea1013c3b2d69
xz-devel-5.2.2-2.el7_9.s390.rpm SHA-256: f535affe5634674b05fd06ac4d31a6cbb372dee87050ce42e255868d3ba4ec60
xz-devel-5.2.2-2.el7_9.s390x.rpm SHA-256: 4ca44d0cf8ba92010ebdbd890d204a0c0eede3b787d7fd53e888900e558732bd
xz-libs-5.2.2-2.el7_9.s390.rpm SHA-256: c9ac5f995fecad2ea378b77890594e7e85dc7d18731b0ecb830b1c532bbb2fa3
xz-libs-5.2.2-2.el7_9.s390x.rpm SHA-256: 288d4baf8c46020b39f7a47590dc0aecde4f2cf9122d232a234d6d171b700bf1
xz-lzma-compat-5.2.2-2.el7_9.s390x.rpm SHA-256: 3699156b69b4b42a971da77d8c29a9870682ad9166f84da9b3bb01571f180f50

Red Hat Enterprise Linux for Power, big endian 7

SRPM
xz-5.2.2-2.el7_9.src.rpm SHA-256: ee2782b5dcc34245e7b11c34bf0651bc0e2c6a2cd4e72a769aaf1fa83ea7a338
ppc64
xz-5.2.2-2.el7_9.ppc64.rpm SHA-256: baf93a9ee487ace3138e3e57d1eb69fdee1a12d51d7f7f88d0d34a017244ac7a
xz-compat-libs-5.2.2-2.el7_9.ppc.rpm SHA-256: a377428fc34f9fc7f5dd1647430ae940ac57f2dfe3059dafe83bf9683ae2ee2c
xz-compat-libs-5.2.2-2.el7_9.ppc64.rpm SHA-256: 1d1f59fdc6bc7df3aefcca0dcd27c38f83766d8e5f163b68101241b5cccc6ac0
xz-debuginfo-5.2.2-2.el7_9.ppc.rpm SHA-256: 4e05afef1cbc55b8d80ba7c32702a47b2a410d93feace1a374bb48433cc5d74e
xz-debuginfo-5.2.2-2.el7_9.ppc.rpm SHA-256: 4e05afef1cbc55b8d80ba7c32702a47b2a410d93feace1a374bb48433cc5d74e
xz-debuginfo-5.2.2-2.el7_9.ppc64.rpm SHA-256: 0ffce7b0b66e39e6ff0d1836700ea565a2afddaaf3ae21d9787aa7591a064e9a
xz-debuginfo-5.2.2-2.el7_9.ppc64.rpm SHA-256: 0ffce7b0b66e39e6ff0d1836700ea565a2afddaaf3ae21d9787aa7591a064e9a
xz-devel-5.2.2-2.el7_9.ppc.rpm SHA-256: 981eaebb92bc2ecc5e29263273db034f039cfbc22dc0db990f4e80bc2195ad31
xz-devel-5.2.2-2.el7_9.ppc64.rpm SHA-256: 3c03e082da93430915dcddb78528c88f76174225a4fa6f5bdc39d5277af16ef6
xz-libs-5.2.2-2.el7_9.ppc.rpm SHA-256: 5f2308a021543f419f598c55c11d72fa0924d7f549578357a1741957a6e8bcac
xz-libs-5.2.2-2.el7_9.ppc64.rpm SHA-256: ab9cd3b457394e72863645ab3d7e202bb7fbdb42f3a2ce8edd41832ea0fcb7d3
xz-lzma-compat-5.2.2-2.el7_9.ppc64.rpm SHA-256: eb515e5b0217252e2905567d1d9cbf0d61d3e017e234a6a386e33f65d7beaf5e

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
xz-5.2.2-2.el7_9.src.rpm SHA-256: ee2782b5dcc34245e7b11c34bf0651bc0e2c6a2cd4e72a769aaf1fa83ea7a338
x86_64
xz-5.2.2-2.el7_9.x86_64.rpm SHA-256: 7050a428bd8a62a5d2c6f4374e4e771792dce4907d25a1eb99496bf8deeb76ac
xz-compat-libs-5.2.2-2.el7_9.i686.rpm SHA-256: c871101ea851c1432f577660ab24f2ed437ec1e07e7276c93933f0939722f6cb
xz-compat-libs-5.2.2-2.el7_9.x86_64.rpm SHA-256: 03ac96746e08a1bb46e02498576510a52648f5d06ccf64145803bf7c36d1c2b9
xz-debuginfo-5.2.2-2.el7_9.i686.rpm SHA-256: 9502f47e7a372d7daf166d9e0d751fbafebbbc39bffd9f63c79fa6f8f34e5500
xz-debuginfo-5.2.2-2.el7_9.i686.rpm SHA-256: 9502f47e7a372d7daf166d9e0d751fbafebbbc39bffd9f63c79fa6f8f34e5500
xz-debuginfo-5.2.2-2.el7_9.x86_64.rpm SHA-256: b71a20e4e59cdcfe6e97b5d8a74150f656375d7aeae04ccdf7593ce0971b8362
xz-debuginfo-5.2.2-2.el7_9.x86_64.rpm SHA-256: b71a20e4e59cdcfe6e97b5d8a74150f656375d7aeae04ccdf7593ce0971b8362
xz-devel-5.2.2-2.el7_9.i686.rpm SHA-256: e8db171c964cf442614961b4efd0fdc01b6d11f3eced796ce9ef92c64cb1b5f8
xz-devel-5.2.2-2.el7_9.x86_64.rpm SHA-256: 3c5fccbb029393814ea9f112a1b33483d5d8f662687a7031e3cba722154ced69
xz-libs-5.2.2-2.el7_9.i686.rpm SHA-256: fe93102ec27f211425d80e9fe12fc6afb517f9624e255e0b997796973f46a007
xz-libs-5.2.2-2.el7_9.x86_64.rpm SHA-256: 0f834cba39f747e26818fcb9f97125ebc304a31c326be1eae6602fd9f193a29b
xz-lzma-compat-5.2.2-2.el7_9.x86_64.rpm SHA-256: e965a5e3fce6264a6706e80b02ffe7071867cb821f754635ea0ceba8d9c354eb

Red Hat Enterprise Linux for Power, little endian 7

SRPM
xz-5.2.2-2.el7_9.src.rpm SHA-256: ee2782b5dcc34245e7b11c34bf0651bc0e2c6a2cd4e72a769aaf1fa83ea7a338 Download
ppc64le
xz-5.2.2-2.el7_9.ppc64le.rpm SHA-256: 05014029e281a019c21a82a052565c7f0af20543855ba6c03b4850cf82654500 Download
xz-compat-libs-5.2.2-2.el7_9.ppc64le.rpm SHA-256: d7ad38b99480d628d075cae906d2ac8a90ac9408f4f05354ee97052adea0c0c7 Download
xz-debuginfo-5.2.2-2.el7_9.ppc64le.rpm SHA-256: 5cec8cb1089409556f7022be5b54977e1c0208034f7a6140751bf1513b6234e0 Download
xz-debuginfo-5.2.2-2.el7_9.ppc64le.rpm SHA-256: 5cec8cb1089409556f7022be5b54977e1c0208034f7a6140751bf1513b6234e0 Download
xz-devel-5.2.2-2.el7_9.ppc64le.rpm SHA-256: 3dc33da86c8f7324bb063812a19930871c3392f0377ba6e10bc0d855b59b4640 Download
xz-libs-5.2.2-2.el7_9.ppc64le.rpm SHA-256: 5adfc9102cfa190e4beae1d991470d01c3ec14092d7f0aeb4b446c8ec7f057e5 Download
xz-lzma-compat-5.2.2-2.el7_9.ppc64le.rpm SHA-256: ede89ffb29ead85bfcb66f8d5b97bf6e528aff6b6f2cb4b4d0f153210c8b5f0b Download

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Download Links Expired

Links to download software expire after a period of inactivity. Refresh to generate new links.
  • Have feedback? Tell us what you think
  • If you need assistance, contact Customer Service

Thank you for using Red Hat Customer Portal Downloads

If you need support, please contact Red Hat Customer Service.

How satisfied are you with the new page design?
Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter