Red Hat Product Errata RHSA-2023:6944 - Security Advisory
Issued:
2023-11-14
Updated:
2023-11-14

RHSA-2023:6944 - Security Advisory

Synopsis

Moderate: protobuf-c security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for protobuf-c is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The protobuf-c packages provide C bindings for Google's Protocol Buffers.

Security Fix(es):

  • protobuf-c: unsigned integer overflow in parse_required_member (CVE-2022-48468)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

  • BZ - 2186673 - CVE-2022-48468 protobuf-c: unsigned integer overflow in parse_required_member

Red Hat Enterprise Linux for x86_64 8

SRPM
protobuf-c-1.3.0-8.el8.src.rpm SHA-256: 4c6bb407d570a727efab6fa829e3637b2c4dc6d63a510ee651b0000c904efd26
x86_64
protobuf-c-1.3.0-8.el8.i686.rpm SHA-256: c0e10ebffc377f334774450e6db257b2233e132b0f623718b107ae805985b1b5
protobuf-c-1.3.0-8.el8.x86_64.rpm SHA-256: 7c6b990e2c0a6cd8ff1f76fc2c83a83528b4663f90257e6b5a708b733bd78085
protobuf-c-compiler-1.3.0-8.el8.i686.rpm SHA-256: ad6d74c350543de8f684c4087cfa2b0a3a44c84bd80fe81c129f428a92649f79
protobuf-c-compiler-1.3.0-8.el8.x86_64.rpm SHA-256: d5779593e7f66144207f7331a7d366cfc7232c1c2d86ca35b0989e7293bba0dc
protobuf-c-compiler-debuginfo-1.3.0-8.el8.i686.rpm SHA-256: db7025c9b863b23cad42f4f8f0c0eb94ea77e4133197ff13fe1674d6c686391d
protobuf-c-compiler-debuginfo-1.3.0-8.el8.x86_64.rpm SHA-256: 3e855bb9ee0a41fbfe033f9089e91321f459bf9495381c4e275734255ca04b7c
protobuf-c-debuginfo-1.3.0-8.el8.i686.rpm SHA-256: 166e2b431e1035f388c6b4954c277c7b3a2f4fcc916787a171c8899914f1d90e
protobuf-c-debuginfo-1.3.0-8.el8.x86_64.rpm SHA-256: f31625992b8876e285c05a8f3809fd49124d1cb551528430a36b22174f845e31
protobuf-c-debugsource-1.3.0-8.el8.i686.rpm SHA-256: 151140e32029317472d304a7c58b86b173c4aedfd7abab6af2ded4bc5d7e60ea
protobuf-c-debugsource-1.3.0-8.el8.x86_64.rpm SHA-256: 44e86b9aec10c3dc8e3d7ae0012cbfb7a797f9bb930884b391068c01f7f3a6ff
protobuf-c-devel-1.3.0-8.el8.i686.rpm SHA-256: bd58dd668f078e87331f43d4a5be49a5db5bd4b746596e62de78fe712af7c3c1
protobuf-c-devel-1.3.0-8.el8.x86_64.rpm SHA-256: 5265fedb42e52c8f213d931a1495b6fffa1c1afad5b5137a7ef2af5ed807e52b

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
protobuf-c-1.3.0-8.el8.src.rpm SHA-256: 4c6bb407d570a727efab6fa829e3637b2c4dc6d63a510ee651b0000c904efd26
s390x
protobuf-c-1.3.0-8.el8.s390x.rpm SHA-256: dc7e23655205636113cee7fb423e717c4beb5e93f2cf0d742815c7be67631494
protobuf-c-compiler-1.3.0-8.el8.s390x.rpm SHA-256: ea33a44284fadf882b11b2708dc30c4ffcd028d623236db6a00594d1103a27b1
protobuf-c-compiler-debuginfo-1.3.0-8.el8.s390x.rpm SHA-256: 4cd0f99ac358bb6fe5d4c8fbe16d9fc25a8ce29d8c5c4fce2661388ea74a46dd
protobuf-c-debuginfo-1.3.0-8.el8.s390x.rpm SHA-256: 37af27a53c6ba53663a1056c51f54c73dda852fb8f2367d2dc2ecab419b23819
protobuf-c-debugsource-1.3.0-8.el8.s390x.rpm SHA-256: a4d63de1c5f3d0c868e6c3033b9ecb429a4a336663d4a3c7901a3d31250196fc
protobuf-c-devel-1.3.0-8.el8.s390x.rpm SHA-256: 1ad3e570b96e3a36c7b850f37b1b84d725ada3b996dde20f2a24674d78c9cd12

Red Hat Enterprise Linux for Power, little endian 8

SRPM
protobuf-c-1.3.0-8.el8.src.rpm SHA-256: 4c6bb407d570a727efab6fa829e3637b2c4dc6d63a510ee651b0000c904efd26
ppc64le
protobuf-c-1.3.0-8.el8.ppc64le.rpm SHA-256: f949de7220616bde9ccb9c9b401c6085dbbdf9f90c9627e9b08fd3bd6c5034da
protobuf-c-compiler-1.3.0-8.el8.ppc64le.rpm SHA-256: 2405479fca8a3b1c15b401746fcc4458cc75da117c48a260f9b6517c4f66d458
protobuf-c-compiler-debuginfo-1.3.0-8.el8.ppc64le.rpm SHA-256: 66a3909cd3069973ec561180dd255b5e4d7d8bb726734b51530959197971deb1
protobuf-c-debuginfo-1.3.0-8.el8.ppc64le.rpm SHA-256: 1495e485f25e932308c473998d031e4683dd928dee8866233c7924940da03ed8
protobuf-c-debugsource-1.3.0-8.el8.ppc64le.rpm SHA-256: a5cc04d01d1c8337b10a4b842cd9eab766c26b4f93cce01bfd4970930af8e809
protobuf-c-devel-1.3.0-8.el8.ppc64le.rpm SHA-256: d0684ed2fed8dd8014d23a46a76dbb0d78cb6561ababb1632620845f621a5ea2

Red Hat Enterprise Linux for ARM 64 8

SRPM
protobuf-c-1.3.0-8.el8.src.rpm SHA-256: 4c6bb407d570a727efab6fa829e3637b2c4dc6d63a510ee651b0000c904efd26
aarch64
protobuf-c-1.3.0-8.el8.aarch64.rpm SHA-256: 8be3249717c15beb958df28e5947975df14195de2b659c12310b3f63f37acc16
protobuf-c-compiler-1.3.0-8.el8.aarch64.rpm SHA-256: 6a2d0344c499655da17bf5da321073be947274cf7e76e7c6a315d37db94762cf
protobuf-c-compiler-debuginfo-1.3.0-8.el8.aarch64.rpm SHA-256: 218f02f669f18e2778377d9e89c0e0976bc80c1025647e9aa4333c1bf3ff17b2
protobuf-c-debuginfo-1.3.0-8.el8.aarch64.rpm SHA-256: d40930a893207420d86d0f4dae75105d6f504796830d683627e87f88f07aa138
protobuf-c-debugsource-1.3.0-8.el8.aarch64.rpm SHA-256: 6bf8e2235c326d08e8c88b74b5cf944806d1f12122223aacaeac5f45f232e645
protobuf-c-devel-1.3.0-8.el8.aarch64.rpm SHA-256: 2e9c55ca96857c2dfd6dbc0be4bfa2d5a8af756b3a5bcefabb7e164a9bd0ee8c

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.