Red Hat Product Errata RHSA-2023:7731 - Security Advisory
Issued:
2023-12-12
Updated:
2023-12-12

RHSA-2023:7731 - Security Advisory

Synopsis

Important: tracker-miners security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for tracker-miners is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Tracker is a powerful desktop-neutral first class object database, tag/metadata database and search tool. This package contains various miners and metadata extractors for tracker.

Security Fix(es):

  • tracker-miners: sandbox escape (CVE-2023-5557)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

Fixes

  • BZ - 2243096 - CVE-2023-5557 tracker-miners: sandbox escape

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
tracker-miners-2.1.5-2.el8_2.1.src.rpm SHA-256: 512bfa5d11bc0f2c389d1bfddaf328c6b76143cfd491251581adc5f8e0c6a5c2
x86_64
tracker-miners-2.1.5-2.el8_2.1.i686.rpm SHA-256: 615f2d66a8c634e8d691a0475acccd215c28a9cdd2ca8bfe8928d7ca956dc5da
tracker-miners-2.1.5-2.el8_2.1.x86_64.rpm SHA-256: 5da9389eca7dc274b83ed593dd9cf5931c84953813df7fd59b74d7f4105fd318
tracker-miners-debuginfo-2.1.5-2.el8_2.1.i686.rpm SHA-256: ac055ce6d569061003dc12ac3eb758e32df9c27eae6d9993ad1e558bbd3f69ef
tracker-miners-debuginfo-2.1.5-2.el8_2.1.x86_64.rpm SHA-256: a9f012e3fad42f1f13cd6db9d561a81bfc322bf87286b879ec2386ffd64bdab1
tracker-miners-debugsource-2.1.5-2.el8_2.1.i686.rpm SHA-256: 6e45df204d9053aa99d3b77264cde35ea05fede7e9e70504749b182cbf2fe00c
tracker-miners-debugsource-2.1.5-2.el8_2.1.x86_64.rpm SHA-256: 6e4bd68ad03219557b986fd4af8f74db3c11a835d0b0e505758ef14af54a5ff2

Red Hat Enterprise Linux Server - TUS 8.2

SRPM
tracker-miners-2.1.5-2.el8_2.1.src.rpm SHA-256: 512bfa5d11bc0f2c389d1bfddaf328c6b76143cfd491251581adc5f8e0c6a5c2
x86_64
tracker-miners-2.1.5-2.el8_2.1.i686.rpm SHA-256: 615f2d66a8c634e8d691a0475acccd215c28a9cdd2ca8bfe8928d7ca956dc5da
tracker-miners-2.1.5-2.el8_2.1.x86_64.rpm SHA-256: 5da9389eca7dc274b83ed593dd9cf5931c84953813df7fd59b74d7f4105fd318
tracker-miners-debuginfo-2.1.5-2.el8_2.1.i686.rpm SHA-256: ac055ce6d569061003dc12ac3eb758e32df9c27eae6d9993ad1e558bbd3f69ef
tracker-miners-debuginfo-2.1.5-2.el8_2.1.x86_64.rpm SHA-256: a9f012e3fad42f1f13cd6db9d561a81bfc322bf87286b879ec2386ffd64bdab1
tracker-miners-debugsource-2.1.5-2.el8_2.1.i686.rpm SHA-256: 6e45df204d9053aa99d3b77264cde35ea05fede7e9e70504749b182cbf2fe00c
tracker-miners-debugsource-2.1.5-2.el8_2.1.x86_64.rpm SHA-256: 6e4bd68ad03219557b986fd4af8f74db3c11a835d0b0e505758ef14af54a5ff2

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM
tracker-miners-2.1.5-2.el8_2.1.src.rpm SHA-256: 512bfa5d11bc0f2c389d1bfddaf328c6b76143cfd491251581adc5f8e0c6a5c2
ppc64le
tracker-miners-2.1.5-2.el8_2.1.ppc64le.rpm SHA-256: 0e61faadaa6ce0aaae3370e546f3c5727c95beda0878f09397f77d62c8939f04
tracker-miners-debuginfo-2.1.5-2.el8_2.1.ppc64le.rpm SHA-256: b4d3f0c9069a0920be6f18b67fc85063233b692847b078209b6f4925d26ca4bc
tracker-miners-debugsource-2.1.5-2.el8_2.1.ppc64le.rpm SHA-256: 544380c3a5d8eba41800bdf16452b67e1e97bba07e5c0054016c8d042c9f2f42

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM
tracker-miners-2.1.5-2.el8_2.1.src.rpm SHA-256: 512bfa5d11bc0f2c389d1bfddaf328c6b76143cfd491251581adc5f8e0c6a5c2
x86_64
tracker-miners-2.1.5-2.el8_2.1.i686.rpm SHA-256: 615f2d66a8c634e8d691a0475acccd215c28a9cdd2ca8bfe8928d7ca956dc5da
tracker-miners-2.1.5-2.el8_2.1.x86_64.rpm SHA-256: 5da9389eca7dc274b83ed593dd9cf5931c84953813df7fd59b74d7f4105fd318
tracker-miners-debuginfo-2.1.5-2.el8_2.1.i686.rpm SHA-256: ac055ce6d569061003dc12ac3eb758e32df9c27eae6d9993ad1e558bbd3f69ef
tracker-miners-debuginfo-2.1.5-2.el8_2.1.x86_64.rpm SHA-256: a9f012e3fad42f1f13cd6db9d561a81bfc322bf87286b879ec2386ffd64bdab1
tracker-miners-debugsource-2.1.5-2.el8_2.1.i686.rpm SHA-256: 6e45df204d9053aa99d3b77264cde35ea05fede7e9e70504749b182cbf2fe00c
tracker-miners-debugsource-2.1.5-2.el8_2.1.x86_64.rpm SHA-256: 6e4bd68ad03219557b986fd4af8f74db3c11a835d0b0e505758ef14af54a5ff2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.