Red Hat Product Errata RHSA-2022:7464 - Security Advisory

Issued:: 2022-11-08
Updated:: 2022-11-08

RHSA-2022:7464 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: protobuf security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for protobuf is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data.

Security Fix(es):

protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference (CVE-2021-22570)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

Fixes

BZ - 2049429 - CVE-2021-22570 protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

CVEs

CVE-2021-22570

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
protobuf-3.5.0-15.el8.src.rpm	SHA-256: 79e67ed4a6e4df49ec1a0df4c678f87d21a7270897854fe25573dc40b95992d0
x86_64
protobuf-3.5.0-15.el8.i686.rpm	SHA-256: 942a6d97981b3bb6c949dbeba6d3eea0700273069f36f2f9ad333a0ff627608b
protobuf-3.5.0-15.el8.x86_64.rpm	SHA-256: a86f1309b026b7c6d2b3acc31f4829b838c46f11a981b20ee393f2a31d9d24a0
protobuf-compiler-3.5.0-15.el8.i686.rpm	SHA-256: ae9165abc1ce59256c38f8e993a33806ca292ad4f9a02033b5c910aad661b9c7
protobuf-compiler-3.5.0-15.el8.x86_64.rpm	SHA-256: 468f8368c01d014468a563775fd7d80c0c6661ff75bd4dc570fac58e452bfa88
protobuf-compiler-debuginfo-3.5.0-15.el8.i686.rpm	SHA-256: 1091fa85c851541fb4beb3ef470b5a1032518bda1350b2110a461d79fdc814e3
protobuf-compiler-debuginfo-3.5.0-15.el8.x86_64.rpm	SHA-256: 79ba85bc4a984bcff70788eb5eda1fcb738e4a6dfda61b6bf2c26b52bd7cb121
protobuf-debuginfo-3.5.0-15.el8.i686.rpm	SHA-256: 4ce48e6c020f89979a6f7fef3db04de7ff890a96edac4081025a6223ef1dd5fa
protobuf-debuginfo-3.5.0-15.el8.x86_64.rpm	SHA-256: 8039fa16623234201c1f14b2ae21e5664ea6a9946b2814d4c21fe5ac862da795
protobuf-debugsource-3.5.0-15.el8.i686.rpm	SHA-256: c814d8039a84d18257066da0b0235694a63ae1d6849b899967d207a004e0b12b
protobuf-debugsource-3.5.0-15.el8.x86_64.rpm	SHA-256: 042a3911c323c339d7f6b343f448684731ce8f980948e3865e3411f528f70a18
protobuf-lite-3.5.0-15.el8.i686.rpm	SHA-256: 1a89adcefd8f42fb3f1e317d0f5715efe01cee5f2b36f2f3aea251c82606ee40
protobuf-lite-3.5.0-15.el8.x86_64.rpm	SHA-256: 1d0fddece1334bcaa22ff1dc000a54d43541eb4a1fd81f9a41f6cbfe58fe26db
protobuf-lite-debuginfo-3.5.0-15.el8.i686.rpm	SHA-256: 971b1fd6168a411465f2d791fe113e4a8d94935f17378b375e9c7d0ab10bc64b
protobuf-lite-debuginfo-3.5.0-15.el8.x86_64.rpm	SHA-256: 1d51b6f76103a17aae612ec2102c1836740e289bc1b8d0c2406258fc4a4105e6
python3-protobuf-3.5.0-15.el8.noarch.rpm	SHA-256: 1ed0d6c262fc0711f8d5f13d6234090b08a9753128a49aa73046c2d69d9ef404

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
protobuf-3.5.0-15.el8.src.rpm	SHA-256: 79e67ed4a6e4df49ec1a0df4c678f87d21a7270897854fe25573dc40b95992d0
s390x
protobuf-3.5.0-15.el8.s390x.rpm	SHA-256: 94e0fa77af629505010955b6fd1d913fd3752b894d590dd2a3168753e4f23414
protobuf-compiler-3.5.0-15.el8.s390x.rpm	SHA-256: d901a98799c6c82cb0ce575a2fce2a6bde0d42228bf626a12b1b24b7448d4ede
protobuf-compiler-debuginfo-3.5.0-15.el8.s390x.rpm	SHA-256: 9c2cbd6b3800721917a66b778099220e9892036a06770bf919cb3962f26dbbf4
protobuf-debuginfo-3.5.0-15.el8.s390x.rpm	SHA-256: 040984ba8921eb4d6d11d7ffd897d211b00dcb53b1c67b4e91b510a5946776af
protobuf-debugsource-3.5.0-15.el8.s390x.rpm	SHA-256: 840e215738ba46d40f5215562920e6bd8975cbf5011f43ba78febe33cb286a6e
protobuf-lite-3.5.0-15.el8.s390x.rpm	SHA-256: bcf2e4aeee243aab8031dcd67beca3a1ac0d795ea0f060a4d3c673c3097c03c6
protobuf-lite-debuginfo-3.5.0-15.el8.s390x.rpm	SHA-256: d655f19a3704033e3e601d927c310cd312c2e406ff90952f172a527480c91c34
python3-protobuf-3.5.0-15.el8.noarch.rpm	SHA-256: 1ed0d6c262fc0711f8d5f13d6234090b08a9753128a49aa73046c2d69d9ef404

Red Hat Enterprise Linux for Power, little endian 8

SRPM
protobuf-3.5.0-15.el8.src.rpm	SHA-256: 79e67ed4a6e4df49ec1a0df4c678f87d21a7270897854fe25573dc40b95992d0
ppc64le
protobuf-3.5.0-15.el8.ppc64le.rpm	SHA-256: 6de525a9f409364b89e9ad3450ee681241d21a2aa83faab2b53b2263cbd82709
protobuf-compiler-3.5.0-15.el8.ppc64le.rpm	SHA-256: 9acb57b21d9376d1abb7b0a626f897b8631eaca912d393aa70388f3304676a5c
protobuf-compiler-debuginfo-3.5.0-15.el8.ppc64le.rpm	SHA-256: a3ba16c5e24ffbb3c8e36f04ed33bdfc527f5a3aa925b2f1c32e5a50605b164f
protobuf-debuginfo-3.5.0-15.el8.ppc64le.rpm	SHA-256: 2a5b836a198fa1812728dff295352d199655d6a69b0d43c799aebcb7714781f8
protobuf-debugsource-3.5.0-15.el8.ppc64le.rpm	SHA-256: a48fa67fb389efd7c664850d7709b37696ebc26d98780b1c4d5aa101b146b0ca
protobuf-lite-3.5.0-15.el8.ppc64le.rpm	SHA-256: 45460e23b6298b3a8d5ec0ef6b9da7cc79afcc659e191038193e056f7535727f
protobuf-lite-debuginfo-3.5.0-15.el8.ppc64le.rpm	SHA-256: 4ddedacefc52fd47a14db6660ac30c20870053e9657476dd9adc0de160611521
python3-protobuf-3.5.0-15.el8.noarch.rpm	SHA-256: 1ed0d6c262fc0711f8d5f13d6234090b08a9753128a49aa73046c2d69d9ef404

Red Hat Enterprise Linux for ARM 64 8

SRPM
protobuf-3.5.0-15.el8.src.rpm	SHA-256: 79e67ed4a6e4df49ec1a0df4c678f87d21a7270897854fe25573dc40b95992d0
aarch64
protobuf-3.5.0-15.el8.aarch64.rpm	SHA-256: da104c59254b60f093034924e21a7aabdeb1515d4b39e29aae60937257f71398
protobuf-compiler-3.5.0-15.el8.aarch64.rpm	SHA-256: 7d23ac84f7e7d3a13978d9e476b2fa87dba2abedf89a0c8241978ab213fdee20
protobuf-compiler-debuginfo-3.5.0-15.el8.aarch64.rpm	SHA-256: 6d3f5d42a266356de5eea5d1a23bb40a8b853e124f743864ee6c2d8171ca186d
protobuf-debuginfo-3.5.0-15.el8.aarch64.rpm	SHA-256: 007acf1d54ce9b57be8b042175946d07d233f95a6efcab4ba12ecec576a841d0
protobuf-debugsource-3.5.0-15.el8.aarch64.rpm	SHA-256: 643525d00b7b89a7ef059e5367697cf1cc8e26df24f40e47d618c5f73f3b227a
protobuf-lite-3.5.0-15.el8.aarch64.rpm	SHA-256: c4f14f0a23b56dc01f4913bbbcbd035b2177f8f5b68811b8bd2fc473d689d9dd
protobuf-lite-debuginfo-3.5.0-15.el8.aarch64.rpm	SHA-256: 9de2be5b3720deeec042f24c6066181000986bc866aa69d2293aec12758acd7a
python3-protobuf-3.5.0-15.el8.noarch.rpm	SHA-256: 1ed0d6c262fc0711f8d5f13d6234090b08a9753128a49aa73046c2d69d9ef404

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
x86_64
protobuf-compiler-debuginfo-3.5.0-15.el8.i686.rpm	SHA-256: 1091fa85c851541fb4beb3ef470b5a1032518bda1350b2110a461d79fdc814e3
protobuf-compiler-debuginfo-3.5.0-15.el8.x86_64.rpm	SHA-256: 79ba85bc4a984bcff70788eb5eda1fcb738e4a6dfda61b6bf2c26b52bd7cb121
protobuf-debuginfo-3.5.0-15.el8.i686.rpm	SHA-256: 4ce48e6c020f89979a6f7fef3db04de7ff890a96edac4081025a6223ef1dd5fa
protobuf-debuginfo-3.5.0-15.el8.x86_64.rpm	SHA-256: 8039fa16623234201c1f14b2ae21e5664ea6a9946b2814d4c21fe5ac862da795
protobuf-debugsource-3.5.0-15.el8.i686.rpm	SHA-256: c814d8039a84d18257066da0b0235694a63ae1d6849b899967d207a004e0b12b
protobuf-debugsource-3.5.0-15.el8.x86_64.rpm	SHA-256: 042a3911c323c339d7f6b343f448684731ce8f980948e3865e3411f528f70a18
protobuf-devel-3.5.0-15.el8.i686.rpm	SHA-256: 21755eebceeb8250823898b1fe22a2b8acadd5033189b46612721b0737df8d7e
protobuf-devel-3.5.0-15.el8.x86_64.rpm	SHA-256: d85ddaa317ea62882e77bf7d471598ddd1b5e112838c6cd39e8fcaaecf26d122
protobuf-lite-debuginfo-3.5.0-15.el8.i686.rpm	SHA-256: 971b1fd6168a411465f2d791fe113e4a8d94935f17378b375e9c7d0ab10bc64b
protobuf-lite-debuginfo-3.5.0-15.el8.x86_64.rpm	SHA-256: 1d51b6f76103a17aae612ec2102c1836740e289bc1b8d0c2406258fc4a4105e6
protobuf-lite-devel-3.5.0-15.el8.i686.rpm	SHA-256: 85f388d247cf69c0ccbf95e01a4dda549c5f62458032904c63114705c9ecbbd1
protobuf-lite-devel-3.5.0-15.el8.x86_64.rpm	SHA-256: 6a3791cb27df2c835574c82c7fb635d0a5bb8021e04d211a6255626fc67469c6

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM
ppc64le
protobuf-compiler-debuginfo-3.5.0-15.el8.ppc64le.rpm	SHA-256: a3ba16c5e24ffbb3c8e36f04ed33bdfc527f5a3aa925b2f1c32e5a50605b164f
protobuf-debuginfo-3.5.0-15.el8.ppc64le.rpm	SHA-256: 2a5b836a198fa1812728dff295352d199655d6a69b0d43c799aebcb7714781f8
protobuf-debugsource-3.5.0-15.el8.ppc64le.rpm	SHA-256: a48fa67fb389efd7c664850d7709b37696ebc26d98780b1c4d5aa101b146b0ca
protobuf-devel-3.5.0-15.el8.ppc64le.rpm	SHA-256: 2ab0a424498b7ad3e4f8156da954bbab118b2679c9ab31b59d6e48df300434de
protobuf-lite-debuginfo-3.5.0-15.el8.ppc64le.rpm	SHA-256: 4ddedacefc52fd47a14db6660ac30c20870053e9657476dd9adc0de160611521
protobuf-lite-devel-3.5.0-15.el8.ppc64le.rpm	SHA-256: 02757dbce97058de68e8fdf22c29549099867079053a6769f194f76ddf99836d

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
aarch64
protobuf-compiler-debuginfo-3.5.0-15.el8.aarch64.rpm	SHA-256: 6d3f5d42a266356de5eea5d1a23bb40a8b853e124f743864ee6c2d8171ca186d
protobuf-debuginfo-3.5.0-15.el8.aarch64.rpm	SHA-256: 007acf1d54ce9b57be8b042175946d07d233f95a6efcab4ba12ecec576a841d0
protobuf-debugsource-3.5.0-15.el8.aarch64.rpm	SHA-256: 643525d00b7b89a7ef059e5367697cf1cc8e26df24f40e47d618c5f73f3b227a
protobuf-devel-3.5.0-15.el8.aarch64.rpm	SHA-256: 35328cebce0f4e95eae7ef09d405ebe6de151ab384963ce903ce67d72475ed64
protobuf-lite-debuginfo-3.5.0-15.el8.aarch64.rpm	SHA-256: 9de2be5b3720deeec042f24c6066181000986bc866aa69d2293aec12758acd7a
protobuf-lite-devel-3.5.0-15.el8.aarch64.rpm	SHA-256: a1a918534023e10e76f0c58b7bc2a3dac1bc528c893f25abc34f8ff14b8a3093

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
s390x
protobuf-compiler-debuginfo-3.5.0-15.el8.s390x.rpm	SHA-256: 9c2cbd6b3800721917a66b778099220e9892036a06770bf919cb3962f26dbbf4
protobuf-debuginfo-3.5.0-15.el8.s390x.rpm	SHA-256: 040984ba8921eb4d6d11d7ffd897d211b00dcb53b1c67b4e91b510a5946776af
protobuf-debugsource-3.5.0-15.el8.s390x.rpm	SHA-256: 840e215738ba46d40f5215562920e6bd8975cbf5011f43ba78febe33cb286a6e
protobuf-devel-3.5.0-15.el8.s390x.rpm	SHA-256: 5b9627df15f7546db15575dbcfc6bbdd44777544e26a62f4a0981c037039113c
protobuf-lite-debuginfo-3.5.0-15.el8.s390x.rpm	SHA-256: d655f19a3704033e3e601d927c310cd312c2e406ff90952f172a527480c91c34
protobuf-lite-devel-3.5.0-15.el8.s390x.rpm	SHA-256: b29043cda776ea196392edd416367739ec7bb53d58bbc023ed15c7346afa6364

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation