Red Hat Product Errata RHSA-2024:3401 - Security Advisory
Issued:
2024-05-28
Updated:
2024-05-28

RHSA-2024:3401 - Security Advisory

Synopsis

Moderate: rpm-ostree security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for rpm-ostree is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

Description

The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-ostree-client package provides commands for client systems to perform upgrades and rollbacks.

Security Fix(es):

  • rpm-ostree: world-readable /etc/shadow file (CVE-2024-2905)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2271585 - CVE-2024-2905 rpm-ostree: world-readable /etc/shadow file

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2

SRPM
rpm-ostree-2023.3-2.el9_2.src.rpm SHA-256: 76f16ecd95761d2f8ae614052e566bf3595b9fb40cb0e4671c42ed67270d30f5
x86_64
rpm-ostree-2023.3-2.el9_2.x86_64.rpm SHA-256: cb9484e61a25052bca46d685d33efe3784da82f06c8802059ea34fc89fd76f66
rpm-ostree-debuginfo-2023.3-2.el9_2.i686.rpm SHA-256: ac84faf7d324f4216bc667a17ea9c9ace8465c38c94bde8478df26fdb6d7f6de
rpm-ostree-debuginfo-2023.3-2.el9_2.x86_64.rpm SHA-256: 6b637164b126a9bd80018d4e381cba53c9b57631cab165d14d38cfbe36870460
rpm-ostree-debugsource-2023.3-2.el9_2.i686.rpm SHA-256: 2946fa8ae6175b7ceb2f7e5790c2d8faaf173654c8dfaaeec5feeb3f56c53862
rpm-ostree-debugsource-2023.3-2.el9_2.x86_64.rpm SHA-256: 97de5a05aa9cb650dd617c15261efadc2e6df9982793c3648d1b296ea3989b93
rpm-ostree-libs-2023.3-2.el9_2.i686.rpm SHA-256: c4e965f99a5b126e2c13529b1503a0f78cedd7910adaab842e9ec92e4eb6e35c
rpm-ostree-libs-2023.3-2.el9_2.x86_64.rpm SHA-256: d33fc9fc1eb09869d2f21b4fd899dd1ed078e163e432da04d0fb54a5c7ae762b
rpm-ostree-libs-debuginfo-2023.3-2.el9_2.i686.rpm SHA-256: 5c618510301b538b746ef7d90f6778e7831d2bf0bc040e0a5f5a989bd3003843
rpm-ostree-libs-debuginfo-2023.3-2.el9_2.x86_64.rpm SHA-256: f95d9af4f1d34077728c685c25f85c3b67cde42842755a8d32c169ea2cc2aeb9

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
rpm-ostree-2023.3-2.el9_2.src.rpm SHA-256: 76f16ecd95761d2f8ae614052e566bf3595b9fb40cb0e4671c42ed67270d30f5
x86_64
rpm-ostree-2023.3-2.el9_2.x86_64.rpm SHA-256: cb9484e61a25052bca46d685d33efe3784da82f06c8802059ea34fc89fd76f66
rpm-ostree-debuginfo-2023.3-2.el9_2.i686.rpm SHA-256: ac84faf7d324f4216bc667a17ea9c9ace8465c38c94bde8478df26fdb6d7f6de
rpm-ostree-debuginfo-2023.3-2.el9_2.x86_64.rpm SHA-256: 6b637164b126a9bd80018d4e381cba53c9b57631cab165d14d38cfbe36870460
rpm-ostree-debugsource-2023.3-2.el9_2.i686.rpm SHA-256: 2946fa8ae6175b7ceb2f7e5790c2d8faaf173654c8dfaaeec5feeb3f56c53862
rpm-ostree-debugsource-2023.3-2.el9_2.x86_64.rpm SHA-256: 97de5a05aa9cb650dd617c15261efadc2e6df9982793c3648d1b296ea3989b93
rpm-ostree-libs-2023.3-2.el9_2.i686.rpm SHA-256: c4e965f99a5b126e2c13529b1503a0f78cedd7910adaab842e9ec92e4eb6e35c
rpm-ostree-libs-2023.3-2.el9_2.x86_64.rpm SHA-256: d33fc9fc1eb09869d2f21b4fd899dd1ed078e163e432da04d0fb54a5c7ae762b
rpm-ostree-libs-debuginfo-2023.3-2.el9_2.i686.rpm SHA-256: 5c618510301b538b746ef7d90f6778e7831d2bf0bc040e0a5f5a989bd3003843
rpm-ostree-libs-debuginfo-2023.3-2.el9_2.x86_64.rpm SHA-256: f95d9af4f1d34077728c685c25f85c3b67cde42842755a8d32c169ea2cc2aeb9

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2

SRPM
rpm-ostree-2023.3-2.el9_2.src.rpm SHA-256: 76f16ecd95761d2f8ae614052e566bf3595b9fb40cb0e4671c42ed67270d30f5
s390x
rpm-ostree-2023.3-2.el9_2.s390x.rpm SHA-256: 656a7762bb67889a45aa35d14710ad0502d5648c3f8458b6a8054ec46b0ce22a
rpm-ostree-debuginfo-2023.3-2.el9_2.s390x.rpm SHA-256: 4b6acf97a4aca87e344c7bf35b04eb4d5db5b0c14fc29834f660ab7e2148cd32
rpm-ostree-debugsource-2023.3-2.el9_2.s390x.rpm SHA-256: 863e832b08dfc91b90d63388860e428d111f7d3a7b86c0f9c892aea6520e1cff
rpm-ostree-libs-2023.3-2.el9_2.s390x.rpm SHA-256: 6505ea6f7f0ff9f17cc7b793903083b543f5bd4d6a3270d5860637515137e31b
rpm-ostree-libs-debuginfo-2023.3-2.el9_2.s390x.rpm SHA-256: ade81362105961751e295e0229d3682a35bfba70f3557f1e9659a2383972b400

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2

SRPM
rpm-ostree-2023.3-2.el9_2.src.rpm SHA-256: 76f16ecd95761d2f8ae614052e566bf3595b9fb40cb0e4671c42ed67270d30f5
ppc64le
rpm-ostree-2023.3-2.el9_2.ppc64le.rpm SHA-256: ae4438808775220e1f56799dec3e9a8727418b5a8d2af98b051b78c0d0c80d40
rpm-ostree-debuginfo-2023.3-2.el9_2.ppc64le.rpm SHA-256: f224c6a04da4eb0f7c8f2e2dbcd52eeb27921b1e8b6c87564dd34ac81488c425
rpm-ostree-debugsource-2023.3-2.el9_2.ppc64le.rpm SHA-256: 539b1ada6ff5e2ec5f72ba7612fb56ae15147c1c552c56b8418db65459c4edda
rpm-ostree-libs-2023.3-2.el9_2.ppc64le.rpm SHA-256: 55ffb75cdfaacc767509e59f4feda22a3c08d1e8289c15e636b3447fcf838725
rpm-ostree-libs-debuginfo-2023.3-2.el9_2.ppc64le.rpm SHA-256: 3bb3090166efefa2b509f011cf5f5dda9bf3bfdc3dd352ea0372031b882fdf4d

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2

SRPM
rpm-ostree-2023.3-2.el9_2.src.rpm SHA-256: 76f16ecd95761d2f8ae614052e566bf3595b9fb40cb0e4671c42ed67270d30f5
aarch64
rpm-ostree-2023.3-2.el9_2.aarch64.rpm SHA-256: 691bb421e888727b4188322316ac575fef1327f07f9d1676a038b864219885cc
rpm-ostree-debuginfo-2023.3-2.el9_2.aarch64.rpm SHA-256: 5e60825107a12569653136cbbe6eb42de61b19ca0aa0fe1b98fb5591032badf7
rpm-ostree-debugsource-2023.3-2.el9_2.aarch64.rpm SHA-256: 54bbcc94b002b40ae7cd7094aa59ffe438b928c51b6335408274bdaebafa4755
rpm-ostree-libs-2023.3-2.el9_2.aarch64.rpm SHA-256: aca951768b1c7bc0be5a0249d75420bfb1a82330074ca18f2381562ea1ee62e1
rpm-ostree-libs-debuginfo-2023.3-2.el9_2.aarch64.rpm SHA-256: 40a40e84b09d159ee8b04b7acf8651c2f2f425bdee8347b914c9681b3c7c7e6d

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
rpm-ostree-2023.3-2.el9_2.src.rpm SHA-256: 76f16ecd95761d2f8ae614052e566bf3595b9fb40cb0e4671c42ed67270d30f5
ppc64le
rpm-ostree-2023.3-2.el9_2.ppc64le.rpm SHA-256: ae4438808775220e1f56799dec3e9a8727418b5a8d2af98b051b78c0d0c80d40
rpm-ostree-debuginfo-2023.3-2.el9_2.ppc64le.rpm SHA-256: f224c6a04da4eb0f7c8f2e2dbcd52eeb27921b1e8b6c87564dd34ac81488c425
rpm-ostree-debugsource-2023.3-2.el9_2.ppc64le.rpm SHA-256: 539b1ada6ff5e2ec5f72ba7612fb56ae15147c1c552c56b8418db65459c4edda
rpm-ostree-libs-2023.3-2.el9_2.ppc64le.rpm SHA-256: 55ffb75cdfaacc767509e59f4feda22a3c08d1e8289c15e636b3447fcf838725
rpm-ostree-libs-debuginfo-2023.3-2.el9_2.ppc64le.rpm SHA-256: 3bb3090166efefa2b509f011cf5f5dda9bf3bfdc3dd352ea0372031b882fdf4d

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
rpm-ostree-2023.3-2.el9_2.src.rpm SHA-256: 76f16ecd95761d2f8ae614052e566bf3595b9fb40cb0e4671c42ed67270d30f5
x86_64
rpm-ostree-2023.3-2.el9_2.x86_64.rpm SHA-256: cb9484e61a25052bca46d685d33efe3784da82f06c8802059ea34fc89fd76f66
rpm-ostree-debuginfo-2023.3-2.el9_2.i686.rpm SHA-256: ac84faf7d324f4216bc667a17ea9c9ace8465c38c94bde8478df26fdb6d7f6de
rpm-ostree-debuginfo-2023.3-2.el9_2.x86_64.rpm SHA-256: 6b637164b126a9bd80018d4e381cba53c9b57631cab165d14d38cfbe36870460
rpm-ostree-debugsource-2023.3-2.el9_2.i686.rpm SHA-256: 2946fa8ae6175b7ceb2f7e5790c2d8faaf173654c8dfaaeec5feeb3f56c53862
rpm-ostree-debugsource-2023.3-2.el9_2.x86_64.rpm SHA-256: 97de5a05aa9cb650dd617c15261efadc2e6df9982793c3648d1b296ea3989b93
rpm-ostree-libs-2023.3-2.el9_2.i686.rpm SHA-256: c4e965f99a5b126e2c13529b1503a0f78cedd7910adaab842e9ec92e4eb6e35c
rpm-ostree-libs-2023.3-2.el9_2.x86_64.rpm SHA-256: d33fc9fc1eb09869d2f21b4fd899dd1ed078e163e432da04d0fb54a5c7ae762b
rpm-ostree-libs-debuginfo-2023.3-2.el9_2.i686.rpm SHA-256: 5c618510301b538b746ef7d90f6778e7831d2bf0bc040e0a5f5a989bd3003843
rpm-ostree-libs-debuginfo-2023.3-2.el9_2.x86_64.rpm SHA-256: f95d9af4f1d34077728c685c25f85c3b67cde42842755a8d32c169ea2cc2aeb9

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
rpm-ostree-2023.3-2.el9_2.src.rpm SHA-256: 76f16ecd95761d2f8ae614052e566bf3595b9fb40cb0e4671c42ed67270d30f5
aarch64
rpm-ostree-2023.3-2.el9_2.aarch64.rpm SHA-256: 691bb421e888727b4188322316ac575fef1327f07f9d1676a038b864219885cc
rpm-ostree-debuginfo-2023.3-2.el9_2.aarch64.rpm SHA-256: 5e60825107a12569653136cbbe6eb42de61b19ca0aa0fe1b98fb5591032badf7
rpm-ostree-debugsource-2023.3-2.el9_2.aarch64.rpm SHA-256: 54bbcc94b002b40ae7cd7094aa59ffe438b928c51b6335408274bdaebafa4755
rpm-ostree-libs-2023.3-2.el9_2.aarch64.rpm SHA-256: aca951768b1c7bc0be5a0249d75420bfb1a82330074ca18f2381562ea1ee62e1
rpm-ostree-libs-debuginfo-2023.3-2.el9_2.aarch64.rpm SHA-256: 40a40e84b09d159ee8b04b7acf8651c2f2f425bdee8347b914c9681b3c7c7e6d

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
rpm-ostree-2023.3-2.el9_2.src.rpm SHA-256: 76f16ecd95761d2f8ae614052e566bf3595b9fb40cb0e4671c42ed67270d30f5
s390x
rpm-ostree-2023.3-2.el9_2.s390x.rpm SHA-256: 656a7762bb67889a45aa35d14710ad0502d5648c3f8458b6a8054ec46b0ce22a
rpm-ostree-debuginfo-2023.3-2.el9_2.s390x.rpm SHA-256: 4b6acf97a4aca87e344c7bf35b04eb4d5db5b0c14fc29834f660ab7e2148cd32
rpm-ostree-debugsource-2023.3-2.el9_2.s390x.rpm SHA-256: 863e832b08dfc91b90d63388860e428d111f7d3a7b86c0f9c892aea6520e1cff
rpm-ostree-libs-2023.3-2.el9_2.s390x.rpm SHA-256: 6505ea6f7f0ff9f17cc7b793903083b543f5bd4d6a3270d5860637515137e31b
rpm-ostree-libs-debuginfo-2023.3-2.el9_2.s390x.rpm SHA-256: ade81362105961751e295e0229d3682a35bfba70f3557f1e9659a2383972b400

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.