- Issued:
- 2024-04-18
- Updated:
- 2024-04-18
RHSA-2024:1924 - Security Advisory
Synopsis
Moderate: Migration Toolkit for Runtimes security, bug fix and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
Migration Toolkit for Runtimes 1.2.5 release
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Description
Migration Toolkit for Runtimes 1.2.5 ZIP artifacts
Security Fix(es):
- commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file (CVE-2024-25710)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Solution
The References section of this erratum contains a download link (you must log in to download the update).
Affected Products
- Red Hat Migration Toolkit for Runtimes Advisory Metadata x86_64
Fixes
- BZ - 2264988 - CVE-2024-25710 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
- WINDUPRULE-1044 - EAP XP5 App Migration Issue: MP OpenTracing Replaced
CVEs
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.